Truecaller security flaw poses risk to 100000000 users

Truecaller Bug

Popular caller ID app Truecaller was recently hit with a major security breach which could have potentially affected a hundred million users. The bug allowed hackers to gain access to a number of personal details and even change the settings of the application without seeking permission.

The privacy flaw came to light when researchers at Cheetah Mobile Security discovered that anyone with access to a device’s IMEI number could get their hands on a Truecaller user’s private data including their address, email ID, profile picture, and phone number. Malicious attackers may have even been able to delete or add a black list and disable spam blockers.

Truecaller only utilizes a consumer’s IMEI number to identify them, meaning the bug put a wide number of users at risk. Thankfully, the company sent out a fix for the issue on March 22 after it was alerted to the problem’s presence. The update is being rolled out OTA right now and should be downloaded immediately in order to prevent any attacks.

Also See: Truecaller gets updated with Truedialer features

In a blog post, Truecaller claims that no members have been compromised by the breach. The app recently got upgraded earlier this month with 3 new features borrowed from Truedialer namely Call History, Activity and a built-in dialer. The first replaces unknown numbers with names and photos within the application itself.

The second major addition to Truecaller allows users to keep track of the best time to call their friends by stamping a red dot to indicate they’re busy or a green one to show they’re free to talk. They can also see when their contact was last active. Moreover, the updated application sports a brand new look and app icon.

You can download the latest version of Truecaller via the Google Play Store.