Massive Truecaller Data Leak Exposes 273 Million Indian Users’ Information

A massive data leak involving Truecaller, the popular caller ID and spam-blocking app, has reportedly exposed the personal information of 273 million Indian users.

The leak, which stems from a breach in February 2019, has recently resurfaced, raising significant privacy and security concerns for affected users.


Cyber Press researchers uncovered the leaked database on a well-known data leak forum. The exposed data, totaling 19 GB of files in CSV format, contains a wealth of personal information, including:

  • Phone numbers
  • Phone carriers
  • Full names
  • Genders
  • Locations
  • Job titles
  • Company names
  • Email addresses
  • Websites
  • Facebook IDs
  • Twitter usernames

The leak has affected users across multiple Indian telecom providers, with some of the largest impacts seen on:

  • Airtel: 73 million records
  • Reliance Jio: 53 million records
  • Vodafone: 50 million records
  • Idea: 50 million records
  • BSNL: 19 million records
Exposed Details

This extensive data exposure poses significant risks to affected users, including:

  1. Increased vulnerability to phishing attacks
  2. Potential for identity theft
  3. Heightened risk of spam calls and messages
  4. Possibility of social engineering attacks
  5. Compromised physical security due to leaked location data

Recommendations for Users:

  1. Change passwords: Update passwords for Truecaller and any accounts using the same or similar credentials.
  2. Enable two-factor authentication: Activate 2FA on all important accounts to add an extra layer of security.
  3. Be vigilant: Watch for suspicious emails, calls, or messages that may be attempting to exploit the leaked information.
  4. Monitor accounts: Regularly check financial and online accounts for any unusual activity.
  5. Consider using a password manager: This can help create and store strong, unique passwords for each account.

Truecaller’s security technology has evolved considerably since the 2019 data leak. The company has implemented advanced monitoring and detection systems, improved encryption protocols, and enhanced spam and fraud detection algorithms.

"Is Your System Under Attack? Try Cynet XDR: Automated Detection & Response for Endpoints, Networks, & Users!"- Free Demo

Gurubaran is a co-founder of Cyber Security News and GBHackers On Security. He has 10+ years of experience as a Security Consultant, Editor, and Analyst in cybersecurity, technology, and communications.