Spanish telecoms company Telefónica has confirmed that its internal ticketing system has been hacked after the stolen data was posted on a hacker forum. The company, known as Spain’s largest telecom operator under the Movistar brand, is investigating the incident.
Telefónica said the breach involved unauthorized access to its Jira system, which is used to manage internal tasks and incidents. The attack occurred using compromised employee credentials. In response to the incident, the company reset passwords and blocked access to the system to prevent further leaks.
The hackers responsible for the attack said they stole around 2.3 GB of data, including documents, tickets, and other information. While some of the data was marked as customer-related, the tickets were allegedly opened by employees using corporate “@telefonica.com” addresses. One of the attackers said there was no attempt to blackmail or contact the company.
The incident came to light after Telefónica's Jira database was published on a hacker forum. Among the attackers, using the pseudonyms DNA, Grep, Pryx and Rey, three are linked to the recently emerged Hellcat Ransomware group. This group previously hacked Schneider Electric's Jira server, stealing 40 GB of data.
Telefónica said the breach involved unauthorized access to its Jira system, which is used to manage internal tasks and incidents. The attack occurred using compromised employee credentials. In response to the incident, the company reset passwords and blocked access to the system to prevent further leaks.
The hackers responsible for the attack said they stole around 2.3 GB of data, including documents, tickets, and other information. While some of the data was marked as customer-related, the tickets were allegedly opened by employees using corporate “@telefonica.com” addresses. One of the attackers said there was no attempt to blackmail or contact the company.
The incident came to light after Telefónica's Jira database was published on a hacker forum. Among the attackers, using the pseudonyms DNA, Grep, Pryx and Rey, three are linked to the recently emerged Hellcat Ransomware group. This group previously hacked Schneider Electric's Jira server, stealing 40 GB of data.