The built-in contact import feature in Telegram was exploited to leak personal data of millions of users to the darknet.
Telegram has suffered a data breach that exposed some personal information of its users on the darknet. A database containing the personal information of millions of Telegram users has been published on a darknet forum. The issue was initially reported on the Russian website “Kod.ru”.
According to the report, the database contains phone numbers and unique Telegram user IDs. It is not clear exactly how many users' data were leaked, but the database file is approximately 900MB. Around 40% of the entries in the database should be relevant.
Telegram has acknowledged the existence of the leaked database to “Kod.ru”. The database was collected by exploiting Telegram's built-in contact import feature.
The app's technicians pointed out that the data in the leaked database is outdated. According to the report, 84% of the data entries in the database were collected before mid-2019. At least 60% of the database is outdated. In addition, 70% of the filtered accounts come from Iran, while the remaining 30% come from Russia.
This is not the first time that Telegram users' phone numbers have been leaked. In August 2019, Hong Kong activists reported a vulnerability that exposed their phone numbers, which allowed Chinese police agencies to track the identities of protesters.
In response to the vulnerability, Telegram expanded user privacy tools in September 2019. Specifically, a feature was introduced that allows users not to show their phone number to anyone.
