Online intelligence firm Cyble reported that Truecaller data of 4.75 crore Indian users have been put on sale on the dark web. The amount is around ₹75,000. However, Truecaller denied the report. It said that there’s no breach on its database.
The data is from 2019 and the information available on the dark web is in various categories. The basis of categorization are states, cities, and carriers, Cyble said in a blog post. Also, the user information available includes phone number, carrier, name, gender, email address, Facebook ID and more.
Also, Cyble has published the leaked details on its blog post. The security firm also suggested that this information leak will lead to scams, spams, and identity thefts.
Truecaller on the other hand refuses the report.
A Truecaller spokesperson said in a statement,
“Thank you for bringing this to our attention. There has been no breach of our database and all our user information is secure. We take the privacy of our users and the integrity of our services extremely seriously and we are continuously monitoring for suspicious activities. We were informed about a similar sale of data in May 2019. What they have here is likely the same dataset as before. It’s easy for bad actors to compile multiple phone number databases and put a Truecaller stamp on it. By doing that, it lends some credibility to the data and makes it easier for them to sell. We urge the public and users not to fall prey to such bad actors whose primary motive is to swindle the people of their money,”.
Also, Truecaller says that it does not upload a user’s phone book. However, users themselves mark numbers as spam, correct names and contribute names as well. Cyble is yet to respond to this statement.