True caller denies breach after data of 4.75 crore Indians appear on the dark web

Nitesh Pandey
3 min readAug 1, 2020

Last month there was some news stating that True Caller Data was breached. Actually

  • Truecaller user’s data are for sale on the dark web.
  • Personal data of Indian Truecaller users are available for about Rs 75,000 and those of global users are available for 25,000 Euros.

After the news come in public domain Truecaller denied and says all its data is safe such a big company will not lie if they suffer a data breach. And this makes me more curious about what actually happened and I tried to get access to the database.

After a few days fortunately with the help of one of my friend we get the data on a public-facing website and after seeing the database we are in bit sock

It was containing databases.

Now my curiosity level was heigh I decided to dig deeper inside it to see what it exactly contains. After going a few more folders deeper I see that it contains data by careers.

At that point of time, I was thinking it might be possible true caller somehow has faced data breach but I was not confident meanwhile I keep on seeing the information.

If you will see the above image you can see that the data was stored according to Mobile serial number and huge. So I stopped working on that day because I need to process all the data before I come to any conclusion.

After a few days later it was Sunday I woke up early and start processing the data it takes around 3 hours to combine everything basically I merged every file and create a big file of 40 GB. Now I was thinking 40 GB of Indian mobile numbers the first thing I did after processing was I searched for my number and guess was it was present in the database.

After seeing the details I was in the sock. Meanwhile, I keep on using the OSINT techniques To see what an attacker can achieve if he has this database. I cant share those details here because it may be misused and I don't want to be in trouble But one thing we need to understand the database that is publically accessible does contain details and almost all the true callers details.

I am not sure Its a Databreach but the database present provides Identical details so what can be the scenario.

  • Someone created a script and scrap all the true caller user details using true caller API
  • It may be a possibility that true caller suffers a data breach(Truecaller deny that they suffer any breach)

Now you all decide what exactly happens and do let me know in the comment section.

The article is only for educational purpose and to create awareness.