The company said its investigation determined the breach began on March 25 and affected data processed by a new external third-party vendor, Apptium Technologies, that had been hired to streamline its retail customer support.
“The internal systems of Freedom Mobile or (parent) Shaw Communications were not compromised as part of this third-party vendor security exposure,” the company said in a statement.
It said the breach affected customers at 17 retail stores who opened or changed accounts as late as April 15 or made changes to opened accounts on April 16. It said the problem was fixed by April 23.“Freedom Mobile hit by data breach, company says up to 15,000 customers affected” — Financial Post
The data breach was revealed by security researchers who suggested that perhaps millions, instead of 15,000 customers were affected. Freedom Mobile disputes this.
Other telecom companies have not been immune from data breaches:
- Bell Canada had a data breach in 2018 that affected “fewer than” 100,000 customers.
- Bell Canada suffered a data breach in 2017 that scooped up the email addresses of 1.9 million customers.
- Rogers Communications business customers were affected by a “small” data breach resulting from a hacked Rogers employee email account.