A threat actor has allegedly put 70 gigabytes of sensitive data belonging to Telecall, a major Brazilian telecommunications provider, up for sale on a dark web forum. Telecall is a key player in Brazil’s telecom industry, providing advanced VoIP, SIP, and broadband services to prominent commercial and government clients, including the national oil and gas company Petrobras. The company’s infrastructure is described as a critical backbone for commercial communications in Brazil, making this alleged breach particularly significant.
The seller claims the dataset contains a vast amount of strategic and sensitive information, representing only a fraction of a larger, yet-unexplored, trove of data. The information allegedly exposes deep operational details, network configurations, and customer data. According to the post, the compromised data includes tens of millions of records and is being offered for sale, with a price tag running into thousands of dollars in cryptocurrency. The threat actor suggests the data could be used for network analysis, fraud, or competitive intelligence.
The posting details the extensive nature of the allegedly leaked information, which reportedly includes:
- Call Detail Records (CDR) with originating/destination numbers, call times, and durations.
- SIP Network Configurations, including IP interfaces, routing policies, and quality of service settings.
- Number Management and Portability records.
- Lists of Toll-Free (0800) numbers for commercial clients.
- Internal technical documentation and operational guides.
- Incident management tickets, SLAs, and failure analysis reports.
- Customer data, including contracts and identification numbers (CNPJ/CPF).