Truecaller, the most followed caller ID app seems to have a flaw in its system that could affect the personal information of more than 100 million users of the app from all over the world.
The app, which is the largest in the world based on its niche, has been discovered to be relying on IMEI numbers when assigning identities to users. What this means is that anyone who can access an IMEI to a given device can easily mess around with personal information on the platform even without asking for any permission.
With this exploit, the team behind the discovery says that attackers can easily steal and tweak user information such as their account name, email, home address, profile picture and even gender. It is also possible for the flaw to be utilized in modifying settings, disabling spam blockers and even going as far as editing or deleting the numbers that have flagged as spam or blacklisted.
Truecaller has more than 100 million downloads
The Google Play Store reports that Truecaller has more than 100 million downloads, something that Cheetah Mobile, the security firm behind the bug’s discovery, seconds.
If this flaw is utilized, this is a huge number of infiltrations we are talking here. Having personal details of more than 100 million people out there without their consent is a huge risk for Truecaller. However, the company says that it has already released a fix to this problem.
But the question that arises here is how many users have actually updated to the latest version? Well, there is no doubt that the number is small. In case you haven’t updated yet, this is the time to do so. On the brighter side, Truecaller reports that no user information has so far been compromised by this bug.
Truecaller has gained world popularity for its services that enable users search and actually identify any phone number regardless of where it comes from. The application also goes further to let them create custom lists where they block hidden and other specific numbers. It is also possible to check you’re your friends are available.
The latest Truecaller update came via the Play Store and its dated March 29, a day after the company issued a statement on the fix. Make sure you download the latest version in order to keep your information safe.