May 132019

Roy Urrico reports:

Security researchers discovered an exposed Elasticsearch server containing up to 1.5 million Freedom Mobile users’ personal data, passwordless, and including unencrypted credit card and CVV numbers, expiration dates and verification numbers.

The five million exposed customer data logs belonged to Freedom Mobile, Canada’s fourth wireless telecommunications provider. The files, stored in plaintext, also held customer names, email and postal addresses, home and mobile phone numbers, birthdates, IP addresses connected to payment methods, customer types and account numbers. The logs also comprised credit checks filed through Equifax and other companies with details of the application results. A Freedom Mobile spokesperson for the company said the incident affected 15,000 customers.

Read more on Credit Union Times.

 Leave a Reply

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>



This site uses Akismet to reduce spam. Learn how your comment data is processed.