Truecaller data of 4.75 crore Indian users have been put on sale on the dark web for around ₹75,000, online intelligence firm Cyble reported. Truecaller, however, denied the report saying that there’s no breach on its database.
Cyble said in a blog post that The Truecaller data is from 2019 and the information available on the dark web has been categorised based on states, cities and carriers. In Addition, The information which includes phone number, carrier, name, gender, email address, Facebook ID and more.
Here’s the statement from the spokesperson of Truecaller :
“Thank you for bringing this to our attention. There has been no breach of our database and all our user information is secure. We take the privacy of our users and the integrity of our services extremely seriously and we are continuously monitoring for suspicious activities. We were informed about a similar sale of data in May 2019. What they have here is likely the same dataset as before. It’s easy for bad actors to compile multiple phone number databases and put a Truecaller stamp on it. By doing that, it lends some credibility to the data and makes it easier for them to sell. We urge the public and users not to fall prey to such bad actors whose primary motive is to swindle the people of their money,”
More importantly, Truecaller also said that it does not upload a user’s phone book. It is a common misconception. Its database populated daily by users themselves who mark numbers as spam, correct names and contribute names as well. Although, Cyble is yet to respond to this statement.
“Cyble has indexed this information on AmiBreached.com – Cyble’s data breach monitoring and notification platform. People who are concerned about their exposure can register on the website to ascertain their exposure,” the firm said in a note.