Freedom Mobile, the fourth-largest wireless carrier in Canada, has disclosed a data breach after attackers hacked into its customer account management platform and stole the personal information of an undisclosed number of customers.
Founded in 2008 as Wind Mobile by telecommunications provider Globalive, Freedom has over 2,2 million subscribers and now says it provides coverage to 99% of Canadians.
Vidéotron, a subsidiary of Canadian telecommunications company Québecor, acquired Freedom in 2023, creating the country's fourth major wireless carrier with more than 3.5 million mobile customers and nearly 7,500 employees.
In a data breach notification published today, Freedom said it detected a breach of its customer account management platform on October 23.
"Our investigation revealed that a third party used the account of a subcontractor to gain access to the personal information of a limited number of our customers," Freedom stated.
"We quickly identified the incident and implemented corrective measures and security enhancements, including blocking the suspicious accounts and corresponding IP addresses."
The personal and contact information exposed in the incident includes first and last names, home addresses, dates of birth, home and/or cell phone numbers, and Freedom Mobile account numbers.
Although it found no evidence that the compromised data has been misused since the breach, the wireless carrier advised affected customers to be suspicious of unexpected messages requesting their personal information or directing them to a website to provide it.
Freedom also recommends not clicking links or downloading attachments from emails or texts that seem suspicious and regularly checking their accounts for unusual activity.
A Freedom Mobile spokesperson didn't reply to a request for comment when BleepingComputer reached out earlier today for more details on the data breach, including how many customers were affected, if the attackers also breached its internal network, and whether the carrier received a ransom demand after the incident.
... continue reading