Cyber Incident Victim: Freedom Finance

In December 2020, Freedom Finance, a brokerage firm, acknowledged a data breach impacting approximately 16,000 clients after reports emerged that customer information had surfaced on multiple underground cybercrime forums. The incident first came to public attention when third-party reports identified the unauthorized exposure of client data within these illicit online spaces. Company founder and CEO Timur Turlov confirmed the breach through a statement posted on his personal Instagram account, disclosing that the compromised records originated from 2018 datasets. Turlov’s admission constituted the organization’s primary public response to the incident, though no detailed technical explanation regarding the breach mechanism or intrusion timeline was provided in the available statements. The disclosure did not specify whether the exposed data resulted from external cyberattacks, internal mishandling, or system vulnerabilities.

The confirmed impact scope involved personal and potentially financial information belonging to 16,000 individuals who utilized Freedom Finance’s brokerage services. While the exact data elements compromised were not enumerated in public reports, typical broker-client records could include names, contact details, account identifiers, or transaction histories. The exposure of such information on shadow forums created elevated risks of financial fraud, phishing campaigns, and identity theft targeting affected clients. Freedom Finance did not describe any remediation measures offered to impacted individuals, such as credit monitoring or identity protection services. The company’s acknowledgment emphasized the historical nature of the dataset but did not address whether contemporary systems underwent security reviews following the incident. The breach highlighted persistent data retention risks and the potential for older archived records to resurface through unauthorized channels years after their collection.