While Telegram isn’t giving up its ongoing legal battle with United States regulators to launch its TON blockchain project, some online perpetrators are taking advantage of the messenger’s popularity to expose millions of user records from third-party versions of the Telegram app.
Per an investigation by cybersecurity firm Comparitech and security researcher Bob Diachenko, at least 42 million Iranian “Telegram” usernames and phone numbers were leaked via unofficial Iranian-made versions of Telegram, while the real Telegram is banned in the country.
According to a March 30 report compiled by Comparitech, those records were publicly exposed on the web, with no authentication required to access them. The data was reportedly exposed on the distributed search engine Elasticsearch for about 11 days until it was removed after Diachenko filed an abuse report.
Diachenko elaborated to Cointelegraph that the number of leaked records purportedly corresponds to the number of “Telegram” users affected. He said:
“42 million is the number of the records in the database which, we assume, are unique and correspond to the affected persons’ number.”
The reported data breach poses significant risks such as SIM swapping and phishing attacks, as well as other scams using the phone numbers in the database. Moreover, the leak reveals data of as many as 42 million Iranian people who were still trying to use Telegram despite the application being banned in the country since 2018.
The exposure wouldn’t have been possible without people using unofficial versions of the Telegram messenger, a Telegram spokesperson reportedly told Comparitech. Telegram emphasized that the leaked data came from unofficial Telegram applications, or so-called “forks” of Telegram, that are not affiliated with the official company. This became possible because Telegram is an open-source application that allows third parties to create their own versions of it.