A cybersecurity firm recently claimed that the personal data of 47.5 million Indians sourced from Truecaller is available for sale on the dark web for $1,000.
The data leak, found by American cyber intelligence firm Cyble Inc, reportedly contained details like name, gender, age, city, telecom service provider, Facebook account, email id and mobile number.
Truecaller, in a statement, however, denied any breach of its database. Speaking to Medianama, a company spokesperson said:
There has been no breach of our database and all our user information is secure. We take the privacy of our users and the integrity of our services extremely seriously and we are continuously monitoring for suspicious activities.
He also said that the company was informed of a similar data breach in 2019 and the recent data set is same as before.
It’s easy for bad actors to compile multiple phone number databases and put a Truecaller stamp on it. By doing that, it lends some credibility to the data and makes it easier for them to sell. We urge the public and users not to fall prey to such bad actors whose primary motive is to swindle the people of their money.
Truecaller apparently has over 100 million daily active users in India and if true, this could be a massive security breach.