Telegram, a cloud-based messaging app, suffered a data breach after unknown hackers exposed personal details of its users on darknet forums, according to a report from Russian publication Kod.ru. The exposed database contains phone numbers, unique Telegram user IDs, and other sensitive information. While it is unclear exactly how many users were affected in the incident, the exposed database is about 900 megabytes.
According to Kod.ru, the information was exposed via the Telegram app’s built-in contact export feature, which is used for user registration. Most of the exposed data is outdated, with 84% of it collected before mid-2019, and around 60% of it is irrelevant. It is said that 70% of the leaked accounts are related to users in Iran and the remaining 30% are from Russia.
“When checking through the program, the editors of Kod.ru found telephone numbers by nicknames in Telegram, including the numbers of the editors. In addition, the file also contains a unique user identifier in the messenger. At the moment, it is unclear exactly how many users were in the database,” Kod.ru reported.
All Apps are Vulnerable
Telegram stated that the built-in contact export feature vulnerability is a primary concern for all contact-based messenger apps, Cointelegraph reported. “Like other phone-based messengers (Facebook Messenger, WhatsApp, Viber), Telegram allows you to see which of your contacts are also using the app. Unfortunately, any contacts-based app faces the challenge of malicious users trying to upload many phone numbers and build databases that match them with user IDs – like this one,” Telegram said in a statement.
Not the First Time
This is not the first time that Telegram’s user data has been exposed. In June 2019, Telegram suffered a DDoS (Distributed Denial of Service) attack that affected users in the U.S., Hong Kong, and other countries. Telegram took to Twitter to notify its users. “We’re currently experiencing a powerful DDoS attack, Telegram users in the Americas and some users from other countries may experience connection issues,” Telegram said in a Twitter post. Describing the attack, Telegram said, “A DDoS is a Distributed Denial of Service attack: your servers get GADZILLIONS of garbage requests which stop them from processing legitimate requests. Imagine that an army of lemmings just jumped the queue at McDonald’s in front of you – and each is ordering a whopper.”