The Indian users of Truecaller Apps which is used to identify the unknown callers might have their information compromised and the details are available for sale as per a U.S.-based cyber intelligence firm.
The details include the name, number gender, social media profile, Email ID among others.
Indian central and State cybercrime agencies have initiated investigations into the matter, taking into account the scope for the number of crimes that can be committed, including phishing rackets and identity thefts.
The data leak has been detected by Cyble Inc, a firm founded by global cybersecurity expert Beenu Arora.
“Cyble has indexed this information on AmiBreached.com – Cyble’s data breach monitoring and notification platform. People who are concerned about their exposure can register on the website to ascertain their exposure,” the firm said in a note.
The details are put up online for low price, as low as $1000 US.
“The low price suggests that they have some interest in gaining attention or expanding his customer base,” Mr. Arora said.
The App however denied the breach.
Truecaller on Wednesday stated that the data seemed to be from a set leaked in May 2019.
A spokesperson from the company said on Wednesday, “There has been no breach of our database and all our user information is secure. We take the privacy of our users and the integrity of our services extremely seriously and we are continuously monitoring for suspicious activities.
“We were informed about a similar sale of data in May 2019. What they have here is likely the same dataset as before. It’s easy for bad actors to compile multiple phone number databases and put a Truecaller stamp on it. By doing that, it lends some credibility to the data and makes it easier for them to sell. We urge the public and users not to fall prey to such bad actors whose primary motive is to swindle the people of their money.”
Cyble founder Beenu Arora said that it was confirmed that the data was a subset of the 2019 leak.
