Freedom Mobile Data Breach

Freedom Mobile confirmed Tuesday it had a data security breach from late March to late April 2019, but the wireless carrier said only about 15,000 customers were affected — far fewer than an outside research firm’s estimate.

The Calgary-based company — which operates networks in Ontario, Alberta and British Columbia — was apparently warned of the breach by researchers at vpnMentor, which announced it to the press.

The vpnMentor report said two of its researchers, Noam Rotem and Ran Locar, had warned Freedom of their findings on April 17, 18 and 23 but didn’t get a response from the company until April 24.

“For ethical reasons, we didn’t download the database, so we don’t know exactly how many people were affected,” the blog said. However, the blog was posted under the title “Report: Freedom Mobile Customer Data Breach Exposes 1.5 Million Customers” based on the assumption that hackers could access unencrypted data from all of Freedom’s customer base.

Freedom said in an emailed statement that “any reference to 1.5 million customers affected is inaccurate.”

The company said its investigation determined the breach began on March 25 and affected data processed by a new external third-party vendor, Apptium Technologies, that had been hired to streamline its retail customer support.

It said the problem was fixed by April 23.

Canadian Data Breaches

IT Canada reports that effective November 1, 2018  Canada’s new mandatory data breach notification law took effect

It forces companies that come under the federal data protection act to report serious violations of personal data safeguards to tell victims and the federal privacy commissioner. Violations could result in fines of up to $100,000.

Details are found here

Marriott Data Breach

The New York Times has reported that the Marriott hotel chain asked guests checking in for a treasure trove of personal information: credit cards, addresses and sometimes passport numbers. On Friday November 30, 2018 consumers learned the risk. Marriott International revealed that hackers had breached its Starwood reservation system and had stolen the personal data of up to 500 million guests.

Here is the story https://www.nytimes.com/2018/11/30/business/marriott-data-breach.html