Hackers have attacked the database of Truecaller, the mobile phone
application that helps phone users put a name to the callers.
It is touted to be the largest phonebook in the world. The hackers have
gained access to ‘tokens’, or unique locks for different users.
Reports suggest that the data loss could be at 560 GB.
“We have experienced a cyber attack on our Web site that resulted in an
unauthorised access to some data. We were able to shut it down moments
after we discovered it. Our investigation into the matter indicates the
attackers were able to access ‘tokens’, which was immediately reset,”
Truecaller has said in a statement.
“What the attackers did not acquire is the needed key,” the company said.
The mobile phone app has been a hit with users across the world. Once
you download the app on your phone, it gains access to your phonebook.
As the number pile up, it will become quite easy for the users to
identify unknown numbers.
“We do not store passwords, credit card information, or any other
sensitive information about our users. It is false information that
attackers were able to access our users’ Facebook, Twitter, or any other
social media passwords,” the Truecaller statement said.
Govind Rammurthy, Managing Director and Chief Executive Officer of
eScan, said that TrueCaller was using an old version of Wordpress (an
open source tool), which had numerous vulnerabilities which were
addressed to in June version update.
“Hackers had used the available vulnerabilities and exploited them to
grab its databases. Upgrading the Web-applications to the latest
versions is an important aspect of IT security. Organisations failing to
keep their servers fully patched will always be vulnerable to such
incidents,”
No comments:
Post a Comment