A major data breach has affected Freedom Mobile, the fourth biggest Canadian telecommunications provider. The data breach may have exposed sensitive information of thousands of customers.
Freedom Mobile Data Breach Could Be Canada’s Biggest Leak
The leak was discovered by vpnMentor researchers Noam Rotem and Ran Locam on April 17. A response from the company was received several days later, on April 24, when the breach was “plugged”.
On Tuesday, the two researchers reported that they were able to access an unprotected and unencrypted database that belongs to Freedom Mobile. The vulnerable database contained email and home address, phone and mobile numbers, dates of birth, customer types, and IP addresses linked to payment methods of the telecom’s customers.
If that’s not alarming enough, the database also included credit card numbers and CVV numbers (security codes) accompanied by credit score responses from Equifax and similar credit monitoring services.
It is also highly possible that the data breach exposed account numbers, subscription dates, billing cycle dates, and customer service records, which could help create a behavioral pattern of the company’s customers.
All these records appear to reflect every customer action associated with a specific account, enabling multiple entries per customer.
Affected Customers May Be Up to 1.5 Million
According to the researchers, up to 1.5 million active customers of Freedom Mobile may have been affected by the leak. Moreover, the team had full access to more than 5 million records but didn’t download the database due to ethical reasons.
Curiously enough, Freedom Mobile’s estimations of affected customers are quite different. The company says that not more than 15,000 customers were impacted in this data breach. Moreover, the incident is associated with a new third-part company, Apptium Technologies, which was recently assigned to deal with retail systems.
Nonetheless, the report says that the researchers could access at least 5 million unprotected records, adding that:
Freedom Mobile has at least 1.5 million subscribers, and its parent company is owned by Shaw Communications which has more than 3.2 million customers across Canada. This may the largest breach experienced by a Canadian company.
There are no indications that the exposed data was abused in any way, the telecom says.
Milena Dimitrova
An inspired writer and content manager who has been with SensorsTechForum since the project started. A professional with 10+ years of experience in creating engaging content. Focused on user privacy and malware development, she strongly believes in a world where cybersecurity plays a central role. If common sense makes no sense, she will be there to take notes. Those notes may later turn into articles! Follow Milena @Milenyim
Follow Me: