Messaging app Telegram has on Tuesday responded to media reports that claimed a hacker attack that originated in Iran was not a “massive” one and only publicly available information was exposed to hackers. The company however, acknowledged that 15 million accounts from Iran were confirmed to be registered with the app as part of the attack.
On Tuesday, Reuters reported that Iranian hackers have compromised more than a dozen accounts on the Telegram and identified the phone numbers of around 15 million Iranian users.
According to the report, cyber researchers have claimed that the hackers belonged to a group called Rocket Kitten, and used Persian-language references in their code and carried out “a common pattern of spearphishing campaigns reflecting the interests and activities of the Iranian security apparatus.”
Telegram has claimed that individual accounts were not accessed as part of the attack and said in its blog post, “Such mass checks are no longer possible since we introduced some limitations into our API this year.”
However, the company did acknowledge that its messaging app has direct correlation with phone’s contacts, and therefore it is potentially possible for “any party” to have checked if a particular phone number was registered in their system. The company pointed out that other platforms like WhatsApp and Facebook Messenger carry the same risk.
In response to allegations that certain accounts were accessed via SMS interception, Telegram has said that it released a warning for its users regarding the same earlier this year and also introduced its 2-Step verification to protect its users from such situations.