Things haven’t been going so well for global directory application TrueCaller as recent reports suggest that the service’s main database has been breached, resulting in millions of phone records being stolen. Well, TrueCaller has gone on the record via its official blog and has posted a statement regarding the recent events.
First and foremost, the company does admit that the TrueCaller website has been victim of a cyberattack. Apparently, the Syrian Electronic Army (SEA) has claimed responsibility for the hack which took place on June 16. The group disclosed this information through their Twitter account by tagging the company’s official handle and stating, ‘We needed your database, thank you for it.’
If that’s not enough, they’ve posted the username, password and the database name used by TrueCaller, to back their claims. Also, there are a couple of images which show the telephone numbers and country details of a few individuals. The troublesome part here is that the alleged group claims to have grabbed large amounts of data in the bargain which might land them access to Facebook, Twitter and LinkedIn accounts of many users.
According to the company, the hack was immediately shut down on detection and the group has only managed to steal access tokens which TrueCaller states, have been reset. The post goes on to say that no sensitive data like passwords, credit card details and more are stored in its database and also affirms that social networking accounts of users’ have not been compromised.
On an ending note, TrueCaller mentions that further investigations are being carried out with regards to the unauthorized access of the service’s database.