Freedom Mobile Discloses Customer Data Breach

Freedom Mobile detected a breach on October 23, 2025, and disclosed it December 3 after attackers used a subcontractor’s credentials to access a limited number of customer accounts. Exfiltrated data included full names, postal addresses, dates of birth, phone numbers and account numbers; the carrier says payment details and passwords were unaffected and offered one year of credit monitoring. The Office of the Privacy Commissioner may investigate under PIPEDA, raising regulatory and reputational risks.
Key Points
- 1Confirm subcontractor compromise exfiltrated names, addresses, birthdates, phone and account numbers.
- 2Enable identity theft, SIM-swap and targeted phishing, increasing fraud risk for affected customers and operators.
- 3Prompt demands for stronger third-party access controls, multi-factor authentication, zero-trust, and regular audits.
Scoring Rationale
Official disclosure and regulatory attention add credibility, but limited scope and familiar attack vector constrain impact.
Sources
Public references used for this report.
Practice with real Telecom & ISP data
90 SQL & Python problems · 15 industry datasets
250 free problems · No credit card
See all Telecom & ISP problems
