Hacker threatens to leak a rumoured huge cache of stolen Telefónica data

6 hours ago 2

(Image credit: Future) (Image credit: Future)

A threat actor claims to have stolen 106GB of sensitive files from Telefónica
Telefónica says the files were old, stolen from a previous incident
A sample was shared with the media, with the full batch soon to follow

A cybercriminal is threatening to release more than 100GB of sensitive data stolen from Spanish telecommunications giant Telefónica.

In January 2025, the company suffered a data breach at the hand of the Hellcat ransomware operation. At the time, the group broke into the telco through an internal Jira development and ticketing server.

Among the members of the group is a threat actor with the alias Rey, who said that while Telefónica was addressing one flaw, it created another, giving them 12 hours of uninterrupted data exfiltration. During that time, which Rey claims was in late May 2025, they allegedly stole 106GB of sensitive files, counting more than 380,000 files of internal communications, purchase orders, logs, customer records, and various employee data.

Old incident, or a new one?

The hacker has released a small 2.6GB sample, and are threatening to release the whole thing unless a payment is made.

But Telefónica is downplaying the incident. Speaking to BleepingComputer, a Telefónica O2 employee said the data is old and that there was no new breach.

To prove the authenticity of the data, Rey shared a sample with BleepingComputer, including a file tree.

“Some of the files included invoices to business clients in multiple countries, including Hungary, Germany, Spain, Chile, and Peru,” the publication said.

Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!

“In the files we received there were email addresses for employees in Spain, Germany, Peru, Argentina, and Chile, and invoices for business partners or customers in European countries.”

While the data found in the sample is from 2021 and older, the publication did state that some of the emails it saw belonged to “active employees”.

“Since Telefonica has been denying a recent 106 GB breach containing data from its internal infrastructure, I am releasing 5 GB here as proof. Soon, I will publish the full file tree, and over the next few weeks, if Telefonica does not comply, the entire archive will be released. ;)” - Rey said.

Telefónica says it was hit by systems breach, internal data leaked online
Take a look at our guide to the best authenticator app
We've rounded up the best password managers

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.

Read Entire Article