The global phone directory service, Truecaller, admitted to being in the middle of a cyber attack earlier today. The fact that hackers belonging to Syrian Electronic Army are the masterminds behind this breach couldn’t be hidden with the SEA Twitter account unabashedly owning up to it.
A tweet by the attacker read, ‘Sorry @Truecaller, we needed your database, thank you for it. 🙂 truecaller.com #SEA #SyrianElectronicArmy.’ This was followed by another post on Twitter that disclosed the database host, username, password and database name.
Various allegations doing the rounds mention that the SEA hackers got away with data which could render access to users’ accounts on a number of social networking sites including Facebook, Gmail and LinkedIn. So it goes without saying that this raid poses a massive threat to sensitive information shared by social network users across the globe.
However, the phone directory service remarked on its blog post that these accusations were baseless. It said that the app itself abstains from hoarding passwords and other such personal details, which rules out the possibility of them being exposed.
Also, the only thing that the attackers could gain access to was tokens. In the company’s words, these are unique locks dedicated to each user. The silver lining in the whole picture is that the hackers couldn’t lay their hands on the needed key. Nevertheless this along with tokens has been reset.
Truecaller still claims to be in the process of evaluating the enormity of this attack and in order to prevent such an incident from reoccurring, it speaks of taking additional measures with complex security fortification.