Cyberattack on Freedom Mobile Compromises Personal Data of Thousands

Freedom Mobile, a Canadian telecommunications provider, reported a major data security incident in which threat actors breached its customer account management platform and stole customers’ personal information.

 

Freedom Mobile is a Canadian wireless telecommunications provider that offers mobile phone, internet and TV services. Founded in 2008 as Wind Mobile, it rebranded to Freedom Mobile in 2016 and is now owned by Québecor via its subsidiary Vidéotron.

 

In a data security incident notice published on its website, Freedom Mobile said that on October 23, it detected unauthorised activity in its customer account management platform.The telecom company immediately launched an investigation, with assistance from external cyber security experts, to determine the nature and scope of the incident.

 

It also took steps to secure the affected systems and notified relevant law enforcement authorities about the same.

 

“Our investigation revealed that a third party used the account of a subcontractor to gain access to the personal information of a limited number of our customers. We quickly identified the incident and implemented corrective measures and security enhancements, including blocking the suspicious accounts and corresponding IP addresses,” Freedom Mobile said.

 

The incident exposed sensitive personal information belonging to Freedom Mobile customers, including their names, addresses, dates of birth, phone numbers, and account numbers.

 

The telecom provider has confirmed that the “incident did not affect your payment information or passwords.”

 

While Freedom Mobile did not share details of the incident, a company spokesperson told BleepingComputer that the network and operations were not affected and that “this is not a ransomware type of incident.”

 

The company has advised all affected individuals to regularly monitor their credit reports, account and benefit statements and report any suspicious activity to law enforcement authorities, including the police and the state attorney general. 

 

At the time of publishing, no known hacker group claimed responsibility for the cyber attack on Freedom Mobile. The telecom company also did not share details on who was behind the attack or  how many customers have been affected by the incident.