Freedom Mobile, the fourth-largest wireless carrier in Canada, said attackers accessed its customer account management platform and stole personal information belonging to an undisclosed number of customers.
The company said it detected the breach on October 23 and that an outside party used the account of a subcontractor to gain access. Freedom published a data breach notification and said it blocked the suspicious accounts and the corresponding IP addresses as part of corrective measures and security enhancements.
Exposed information included first and last names, home addresses, dates of birth, home and/or cell phone numbers, and Freedom Mobile account numbers. The carrier said it found no evidence that the compromised data has been misused since the breach and advised affected customers to be wary of unexpected requests for personal information, to avoid clicking links or downloading attachments from suspicious messages, and to monitor accounts for unusual activity.
A Freedom Mobile spokesperson said the network and operations were not affected and that the incident was not a ransomware attack. The company did not disclose how many customers were affected.
Founded in 2008 as Wind Mobile by telecommunications provider Globalive, Freedom said it has more than 2.2 million subscribers and provides coverage to 99% of Canadians. Vidéotron acquired Freedom in 2023, creating a carrier with more than 3.5 million mobile customers and nearly 7,500 employees. Freedom previously confirmed a 2019 incident involving a third-party vendor that exposed an unsecured customer support database affecting about 15,000 customers; that incident was reported by CBC.