Telegram today responded to reports that it was the victim of a “massive hacker attack” that originated in Iran. The messaging app company defended that while 15 million accounts were gathered, it’s not as severe as one might think and only publicly available data was collected. In short, users were asked to remain calm and continue using Telegram as before — everything is okay.
Cyber researchers shared with Reuters that Iranian hackers were able to access more than a dozen accounts on Telegram and ultimately identify phone numbers of 15 million users in the country. It’s been claimed that Rocket Kitten was behind the attack, carrying out “a common pattern of spearphishing campaigns reflecting the interests and activities of the Iranian security apparatus.”
In response to this news, Telegram shared that while publicly available data was collected from among 15 million users, individual accounts were not directly accessed. “Such mass checks are no longer possible since we introduced some limitations into our API this year,” the company explained in a blog post. That being said, the company did acknowledge that since it’s based around phone contacts, anyone could “potentially” check to see if a particular phone number is registered in the system — something Telegram said was possible with WhatsApp, Facebook Messenger, and other similar apps.
It’s been alleged that SMS interception has been possible, which is where phone companies share these text messages directly with hackers. To this, Telegram scoffed at the severity, saying “this is hardly a new threat as we’ve been increasingly warning our users in certain countries about it.” The company reiterated that it has implemented two-factor authentication specifically to defend against these cases.
While people may be concerned about the security of Telegram, it appears the company thinks the whole thing is being blown out of proportion and suggests everyone take a deep breath and realize that what was accessed isn’t secretive information.