Privacy Snafu Exposes 42 Million ‘Telegram’ Records

silversurfer

silversurfer

Level 85
Thread author
Verified
Honorary Member
Top Poster
Content Creator
Malware Hunter
Well-known
Aug 17, 2014
10,131
Content source
https://www.infosecurity-magazine.com/news/privacy-snafu-exposes-42-million/
Security researchers have discovered tens of millions of accounts from a third-party version of Telegram that were leaked online in another cloud misconfiguration.

Bob Diachenko and the Comparitech team found the exposed data on March 21. It had been posted to an Elasticsearch cluster, password-free, by a group called “Hunting system” in Farsi.

Although the cluster was deleted on March 25, a day after Diachenko informed the hosting provider, at least one user had apparently already posted it to a hacking forum.

That’s bad news, because the trove contained 42 million records from a third-party version of popular messaging app Telegram. They included user account IDs, phone numbers, names, and hashes and secret keys.

As Telegram has been banned in Iran since anti-government protests in 2018, the database could put users at risk of being singled out by the authorities as having something to hide.

Although the hashes and keys can’t be used to access accounts, third-party hackers could use the other information in financially motivated attacks, warned Comparitech.
Click to expand...
 
Last edited:
  • Like
  • Wow
  • +Reputation
Reactions: Antus67, stefanos, Gandalf_The_Grey and 4 others
SeriousHoax

SeriousHoax

Level 47
Verified
Top Poster
Well-known
Mar 16, 2019
3,632
upnorth said:
What do you mean, Telegrams fault?
Click to expand...
leaked online in another cloud misconfiguration
Click to expand...
This looks like something was wrong from Telegram's end. Third party apps exist because Telegram makes their API available for third party devs similar to Twitter but Twitter's data has never been revealed by any third party app. So maybe some fault in their API let that third party app access Telegrams private data. Anyway, I'm guessing this so correct me if I'm wrong.
 
  • Like
Reactions: stefanos, silversurfer and upnorth
upnorth

upnorth

Moderator
Verified
Staff Member
Malware Hunter
Well-known
Jul 27, 2015
5,459
SeriousHoax said:
This looks like something was wrong from Telegram's end. Third party apps exist because Telegram makes their API available for third party devs similar to Twitter but Twitter's data has never been revealed by any third party app. So maybe some fault in their API let that third party app access Telegrams private data. Anyway, I'm guessing this so correct me if I'm wrong.
Click to expand...
I'm also not sure, but from what I saw from the main source, Telegram made an official statement.
“We can confirm that the data seems to have originated from third-party forks extracting user contacts. Unfortunately, despite our warnings, people in Iran are still using unverified apps. Telegram apps are open source, so it’s important to use our official apps that support verifiable builds.”
Click to expand...
Another one that caught my eye is, Elasticsearch.

Ransomware Negotiation & Dark Web Investigation Services | Night Lion

Leaders in dark web threat intelligence research, ransomware and extortion negotiation, digital investigations, security assessments
www.dataviper.io www.dataviper.io
malwaretips.com

Security Alert - 100 Million Online Bets Exposed by Leaky Database

Yet another organisation has been spotted copying important data to Elasticsearch cloud storage without remembering to secure it. Last week, it was US company VOIPo that accidentally exposed call logs, SMS data, and company credentials in Elasticsearch where it was spotted by researcher Justin...
malwaretips.com malwaretips.com
malwaretips.com

Attackers Turn Elasticsearch Databases Into DDoS Bots

A recently detected attack campaign is attempting to ensnare Elasticsearch clusters into a distributed denial of service (DDoS) botnet, Trend Micro reports. The multi-stage attacks leverage scripts to ultimately deliver backdoors to the targeted servers and turn them into DDoS bots. As part of...
malwaretips.com malwaretips.com
malwaretips.com

7.5 Million Records of Adobe Creative Cloud User Data Exposed

Adobe secured a database with 7.5 million records belonging to Adobe Creative Cloud users. The cache was not protected in any way, allowing anyone access to client information if they knew how to find it. Although the details included are not highly sensitive, they could be used to launch...
malwaretips.com malwaretips.com
malwaretips.com

Report: 267 million Facebook users IDs and phone numbers exposed online

A database containing more than 267 million Facebook user IDs, phone numbers, and names was left exposed on the web for anyone to access without a password or any other authentication. Comparitech partnered with security researcher Bob Diachenko to uncover the Elasticsearch cluster. Diachenko...
malwaretips.com malwaretips.com
malwaretips.com

Microsoft Exposed 250 Million Customer Support Records

Nearly 250 million Microsoft Customer Service and Support (CSS) records were found exposed to the Internet in five insecure Elasticsearch databases, Comparitech reports. The records on those servers contained 14 years’ worth of logs of conversations between support agents and customers, all of...
malwaretips.com malwaretips.com
malwaretips.com

Hacking Alert - A UK-based Security Company Seemed To Have Inadvertently Exposed Its ‘Leaks Database’ with 5B+ Records

On March 16th I have found an unprotected and thus publicly available Elasticsearch instance which appeared to be managed by a UK-based security company (at least, SSL certificate and reverse DNS records pointed out to Keepnet Labs ). The irony of that discovery is that it was a ‘data breach...
malwaretips.com malwaretips.com
 
  • Like
  • Thanks
Reactions: ForgottenSeer 85179, Gandalf_The_Grey, harlan4096 and 2 others
You must log in or register to reply here.

Similar threads

Gandalf_The_Grey
    • Like
    • Wow
    • Thanks
Microsoft denies data breach, theft of 30 million customer accounts
Replies
6
Views
1,362
News Archive
Gandalf_The_Grey
Gandalf_The_Grey
vtqhtr413
    • HaHa
    • +Reputation
    • Wow
Security News US Credit Union Service Leaks Millions of Records and Passwords in Plain Text
Replies
1
Views
832
Security News
Freki123
F
enaph
    • Like
Security News Acer confirms Philippines employee data leaked on hacking forum
Replies
0
Views
707
Security News
enaph
enaph

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

Quick Navigation

Forum Rules Warning System Welcome Guide Two-factor Authentication

User Menu

Login

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top