Truiclar suddenly became the most talked about topic on the dark web as it sold the personal information of 4..ec5 crore Indians at a drunken price. The perpetrators who put the data on sale claimed that it was used by Truickler users to add credibility to the fact that the app is used in the country to identify unknown callers.
Compromised personal data was identified by Sibel, a US-based cyber intelligence agency founded by global cybersecurity expert Binu Aurora. The agency has studied the leaked data and found that it has reached users in various states of India including Maharashtra, Bihar, Andhra Pradesh, Delhi, Haryana, Madhya Pradesh, North East India, Orissa and Punjab.
What was leaked and how much?
The agency identified the leaked information of 4.7575 crore Indians as phone number, name, gender, location, email id and Facebook profile information. Considered as a gold mine for bad actors, all this information is available for only 1000 1000 or about Rs 75,000.
How data can be misused is a matter of wonder that data is available for such a low price. However, as Aurora points out, the cyber criminal named Tugged on the web of darkness is not for money, but to expand his presence.
What are the risks?
Any amount of data bad actors can use in different ways. Cybercriminals can carry out a variety of crimes, from identity theft to phishing attacks and more. Although the Indian Central and State Cyber Crime Agencies are looking into the matter, users feel that they can register at AmiBreach.com to confirm their release.
If your personal data is exposed, in some cases you can do nothing but change your phone number, email ID to avoid being attacked by phishing attacks. If security agencies can be trusted, Truickler users are only affected by this data leak.
Truickler raises questions about credibility
Since the cybersecurity firm claims that the data belongs to the users of the TrueColor application, we have reached out to the popular Caller ID application for clarity. Not only did Truickler deny any breaches to its database, it also said that hackers used Truickler labels to add some credibility to the data.
Our database has not been compromised and all of our user information is secure. We take our user privacy and the freeness of our services very seriously and we constantly monitor for any suspicious activity. In May 2019 we were informed about similar data sales they have here is probably the same dataset as before. It’s easy for bad actors to compile multiple phone number databases and put a TrueCaller stamp on them. By doing this, it lends some credibility to the data and makes them easier to sell. We urge the public and users not to fall prey to bad actors whose primary purpose is to push people into public money, ”Truikler said in a statement.