About the incident
Freedom Mobile has revealed a data breach that leaked personal information belonging to a limited number of customers. This happened after illegal access to its internal systems in late October.
As per the notice sent to customers, the breach was found in late October, when the security team found illicit activity on its customer account management platform. "Our investigation revealed that a third party used the account of a subcontractor to gain access to the personal information of a limited number of our customers," the statement read.
Attack tactic
According to the investigation, a third-party got access via the account of a subcontractor. It means that a threat actor used genuine login credentials that belonged to an external partner, instead of directly breaking through technical defenses. After gaining access, the threat actors could view particular customer records. The exposed data consists home addresses, first and last names, contact numbers and Freedom Mobile account numbers.
Details such as account passwords, banking details, credit card were not hacked. The incident impacted only personal profile data, nof authentication secrets or financial data.
Once the intrusion was found, Freedom Mobile blocked malicious accounts and linked IP addresses, and deployed additional security measures on the platform.
These steps generally involve strict access permissions, which adds extra monitoring and reviewing login rules for subcontractor ms like implementation of strong passwords and two-factor authentication. No exposed information has been misused, the company has said.
Risks of stolen data
But the stolen data can be important for important social engineering and phishing attempts.
Threat actors may use these details to send scam messages on behalf of Freedom Mobile.
Freedom Mobile has requested customers to stay cautious of emails or texts that ask for personal information, or that redirect them to log in through links.
Freedom Mobile has emphasized that it never asks for credit card numbers, PINs by email, SMS, passwords, or other banking information. "We quickly identified the incident and implemented corrective measures and security enhancements, including blocking the suspicious accounts and corresponding IP addresses," the company said.
Customers have also been suggested to check their device for any suspicious activity to avoid downloading unexpected attachments or suspicious links. Meanwhile, the investigation is still continuing.
