Hacker group says it acquired databases of global phone directory Truecaller

Share this article:

More than a million Truecaller accounts were compromised in a recent hack.

Swedish-based Truecaller, the company that says it maintains the largest global phone directory, has become the latest target of the Syrian Electronic Army after the hacker collective made the announcement via Twitter less than 24 hours ago.

In exclusive comments to cyber security news site E Hacking News, members of the group said they acquired more than seven databases from Truecaller, including one totaling 450 GB. The report said that besides phone data the databases also contain access codes to more than a million Facebook, Twitter, LinkedIn and Gmail accounts.

The hackers reportedly accessed the admin panel and acquired information because the Truecaller website was running WordPress 3.5.1, an outdated version of the web publishing tool. The Truecaller product is primarily a free application on mobile devices, including iOS and Android, but features are accessible through the website. 

“Sorry @Truecaller, we needed your database, thank you for it :)" reads the first Twitter post regarding the attack. It was followed up almost immediately by a tweet containing the database host and name, complete with username and password. A picture from the database was tweeted out 15 hours later.

The Truecaller application works by uploading users' contacts into global databases, which – courtesy of crowdsourcing – have filled out tremendously over time. The website claims to have nearly a billion phone numbers. Features as well include caller ID and call blocking, as well as social media integration. The application is available in more than 100 countries.

Some of the affected users are from China and Turkey, according to the database photo posted by the Syrian Electronic Army.

A request for comment from Truecaller was not immediately returned.

Share this article:
You must be a registered member of SC Magazine to post a comment.

Sign up to our newsletters

TOP COMMENTS

More in News

Hackers grab email addresses of CurrentC pilot participants

Hackers grab email addresses of CurrentC pilot participants

Although the hack didn't breach the mobile payment app itself, consumer confidence may be shaken.

Operators disable firewall features to increase network performance, survey finds

Operators disable firewall features to increase network performance, ...

McAfee found that 60 percent of 504 surveyed IT professionals prioritize security as the primary driver of network design.

PCI publishes guidance on security awareness programs

PCI publishes guidance on security awareness programs

The guidance, developed by a PCI Special Interest Group, will help merchants educate staff on protecting cardholder data.