Truecaller, the so-called ‘global directory’ of phone numbers has just been hacked by the Syrian Electronic Army and according to some estimates, millions of phone numbers and other private information has been leaked.
Truecaller calls itself the biggest global collaborative directory and has a popular app and looks out and finds the name of the persons who call you. It connects to people’s Facebook, Twitter, LinkedIn and gmail and even stores credit card information. If you are a Truecaller user we would advise you to take precautions and change your passwords to anything you have used via the app.
The Syrian Electronic Army is a cyber proliferation group that has been responsible for such activities before too. Just this April, they posted on Twitter that the White House had been bombed and Barack Obama injured, causing a 130 Million loss to the Dow Jones Index.
The way the whole thing has unravelled is notorious. Everyone was put on alert by a Tweet posted by the SEA which said,
“Sorry @Truecaller, we needed your database, thank you for it
http://truecaller.com #SEA #SyrianElectronicArmy”.
After that, the whole thing was confirmed by Truecaller in a declaration issued on its blog.
“Truecaller experienced a cyberattack on our website that resulted in an unauthorized access to some data. We were able to shut it down moments after we discovered it. Our investigation into the matter indicates the attackers were able to access ‘tokens’, which was immediately reset. Metaphorically speaking, a ‘token’ is a unique lock for each user, but what the attackers did not acquire is the needed key, which has also been reset.
Truecaller does not store passwords, credit card information, or any other sensitive information about our users. It is false information that attackers were able to access our user’s Facebook, Twitter, or any other social media passwords.
We are still investigating the extent of unauthorized access of our database. We have outlined steps to help us deal with the situation. These steps include more complex security measures and various other tools we want to keep within the company.
We feel it is crucial to publicize the attack because it is important that we keep true to the honesty and integrity of the Truecaller brand.
We want to thank our users for their patience, as we are still investigating and acquiring information.”
It seems the hackers have made merry with around 450 GB of data.
Truecaller has around 1 million Indian visitors as serious risk because of this leak. It is an unfortunate incident but brings out the fact that safety issues with app needs more attention now than ever. Even though we use them for many of our daily activities and even though they have made life convenient for us, serious safety issues need to be addressed with apps so that such incidents can be prevented.