Telus Digital suffered a breach exposing nearly 1 petabyte of data after ShinyHunters obtained Google Cloud Platform credentials from a prior Salesloft-Drift breach and used trufflehog to exfiltrate customer support data, call records, source code, and financial information across 28+ impacted clients. The threat actors demanded $65M in extortion.
A former DOGE software engineer embedded at the Social Security Administration allegedly exfiltrated a thumb drive containing Numident and Master Death File databases with 500+ million Americans' records (including SSNs, birthdates, race/ethnicity), then attempted to upload the data at a private sector job while claiming he expected a presidential pardon if caught. The incident reflects systemic failures in federal data security protocols resulting from DOGE's placement of inexperienced personnel with unfettered access to highly restricted government systems.