The Truecaller data, which is of users from all over the country and is classified into folders, was being offered for a mere $1000 (about ₹76,000).
A spokesperson from the company said on Wednesday, “There has been no breach of our database and all our user information is secure. We take the privacy of our users and the integrity of our services extremely seriously and we are continuously monitoring for suspicious activities.
“We were informed about a similar sale of data in May 2019. What they have here is likely the same dataset as before. It’s easy for bad actors to compile multiple phone number databases and put a Truecaller stamp on it. By doing that, it lends some credibility to the data and makes it easier for them to sell. We urge the public and users not to fall prey to such bad actors whose primary motive is to swindle the people of their money.”
Cyble founder Beenu Arora said that it was confirmed that the data was a subset of the 2019 leak.
“The Truecaller leak, in contrast, is minor in nature considering that the actor has now leaked over 600 million records, including from China, Taiwan etc. TooGod is not the biggest worry from my perspective, as the actor is just another wholesaler in the dark web market. There are other active groups, who are continually targeting large organisations as well as growing start-ups,” Mr. Arora said.
He added that the average user is advised to stay alert to suspicious text messages, phone calls and emails, regularly monitor banking transactions for any potential anomalies or suspicious activities, use complex passwords and multi-factor authentication where possible and opt for data breach monitoring and notification services that tell users if their information is exposed.