Hackers have attacked the database of Truecaller, the mobile phone application that helps phone users put a name to the callers.
It is touted to be the largest phonebook in the world. The hackers have gained access to ‘tokens’, or unique locks for different users.
Reports suggest that the data loss could be at 560 GB.
“We have experienced a cyber attack on our Web site that resulted in an unauthorised access to some data. We were able to shut it down moments after we discovered it. Our investigation into the matter indicates the attackers were able to access ‘tokens’, which was immediately reset,” Truecaller has said in a statement.
“What the attackers did not acquire is the needed key,” the company said.
The mobile phone app has been a hit with users across the world. Once you download the app on your phone, it gains access to your phonebook. As the number pile up, it will become quite easy for the users to identify unknown numbers.
“We do not store passwords, credit card information, or any other sensitive information about our users. It is false information that attackers were able to access our users’ Facebook, Twitter, or any other social media passwords,” the Truecaller statement said.
Govind Rammurthy, Managing Director and Chief Executive Officer of eScan, said that TrueCaller was using an old version of Wordpress (an open source tool), which had numerous vulnerabilities which were addressed to in June version update.
“Hackers had used the available vulnerabilities and exploited them to grab its databases. Upgrading the Web-applications to the latest versions is an important aspect of IT security. Organisations failing to keep their servers fully patched will always be vulnerable to such incidents,” he said.
kurmanath.kanchi@thehindu.co.in