Hacker group says it acquired databases of global phone directory Truecaller

Share this article:

More than a million Truecaller accounts were compromised in a recent hack.

Swedish-based Truecaller, the company that says it maintains the largest global phone directory, has become the latest target of the Syrian Electronic Army after the hacker collective made the announcement via Twitter less than 24 hours ago.

In exclusive comments to cyber security news site E Hacking News, members of the group said they acquired more than seven databases from Truecaller, including one totaling 450 GB. The report said that besides phone data the databases also contain access codes to more than a million Facebook, Twitter, LinkedIn and Gmail accounts.

The hackers reportedly accessed the admin panel and acquired information because the Truecaller website was running WordPress 3.5.1, an outdated version of the web publishing tool. The Truecaller product is primarily a free application on mobile devices, including iOS and Android, but features are accessible through the website. 

“Sorry @Truecaller, we needed your database, thank you for it :)" reads the first Twitter post regarding the attack. It was followed up almost immediately by a tweet containing the database host and name, complete with username and password. A picture from the database was tweeted out 15 hours later.

The Truecaller application works by uploading users' contacts into global databases, which – courtesy of crowdsourcing – have filled out tremendously over time. The website claims to have nearly a billion phone numbers. Features as well include caller ID and call blocking, as well as social media integration. The application is available in more than 100 countries.

Some of the affected users are from China and Turkey, according to the database photo posted by the Syrian Electronic Army.

A request for comment from Truecaller was not immediately returned.

Share this article:

Sign up to our newsletters

More in News

POS malware risks millions of payment cards for Michaels, Aaron Brothers shoppers

POS malware risks millions of payment cards for ...

An investigation dating back to January has finally confirmed that malware on point-of-sale systems may have compromised payment card data for millions of Michaels Stores and Aaron Brothers customers.

Phishing scam targets Michigan public schools

Unknown attackers used the finance director's email account to request wire transfers from the school district's accounting department.

Contempt order against Lavabit still stands, appeals court rules

Contempt order against Lavabit still stands, appeals court ...

A federal appeals court backed an earlier ruling penalizing the email service.