Data breach affects over 200 million Telegram user records

According to Cybernews, a cybersecurity platform, three databases containing more than 200 million Telegram user records were exposed on January 24th on the BreachForums leak forum.

According to Cybernews researchers, the 44GB of uncompressed data included user names, Telegram usernames, email addresses and contact numbers. The team further examined the data and found that it also contained 60 million Telegram records and 16 billion sets of authentication data, and it is still uncertain whether the data originated from a new intrusion or information stolen in previous breaches.

The researchers added that since Telegram users' emails are not public information, the data should not have been retrieved by a crawler, and a combination of crawler data and old leaked information could not be ruled out. Telegram users are also reminded to be on guard against large-scale phishing attacks triggered by the leakage. In light of the increasing number of attacks on Telegram, security consultancy NVISO has urged organizations to disable the APIs of the messaging app.

Source:

https://www.scworld.com/brief/data-leak-exposes-over-200m-telegram-user-records

Related articles

遭駭的積架路虎(JLR)估計損失高達 19 億英鎊,為英國歷來之最

積架路虎(JLR)今年 9 月初遭黑客攻擊,停產超過一個月,英國網絡監測中心估計損失高達 19 億英鎊,為英國史上最嚴重資安事故,波及逾 5,000 家機構。黑客透過網絡釣魚及外洩憑證入侵系統,相關組織更聲稱發動攻擊,此次事件屬 3 級系統性事故,重創生產與供應鏈。...
Learn more

Qantas Hacked, 5.7 Million Customers' Data Leaked, Exposing New Challenges in Capital Protection

In July 2025, Qantas Airways was hit by a massive cyber-attack, which resulted in the leakage of 5.7 million customers' names, emails, addresses, and other personal information, making it one of the most serious cyber-security incidents in Australia in recent years. The incident is suspected to be related to the social engineering and voice phishing tactics of the Scattered Spider organization, exposing the vulnerabilities of large-scale corporate security and bringing important warnings to enterprises to strengthen their cybersecurity....
Learn more

Malicious Ads Trigger Crisis Nevada Government Ransomware Attack Revealed

In August 2024, the state government of Nevada was hit by a ransomware attack triggered by malicious advertisements that disrupted services in more than 60 government departments. IT staff clicked on the malicious advertisements to download a tool that contained a backdoor, and the password vault was breached. The authorities refused to pay the ransom, and in-house staff worked overtime for 28 days to repair 90% of the critical systems, at a much lower cost than outsourcing, which has brought important information security revelations to both public and private organizations....
Learn more

Regal Group Hit by Massive Conduent Data Breach

Conduent, a business services provider, has suffered a massive data breach affecting 25 million people and nearly 17,000 employees in North America. Hackers breached the system between October 2024 and January 2025, stealing personal, medical, and social security information, and the incident was caused by...
Learn more

Digital Vault Congratulates All Hong Kong People on the Year of the Horse

Remins. On this New Year's Eve, Digital Vault wishes all Hong Kong people and corporate clients a happy New Year of the Horse. On this New Year's Eve, Digital Vault would like to wish all Hong Kong citizens and enterprise customers a prosperous year of the Horse. As a cloud security storage expert rooted in Hong Kong, we will continue to protect data assets with solid encryption technology and professional cloud services, drive the digital transformation of enterprises, and work with Hong Kong to leap to the new peak of the digital world....
Learn more

Georgia Medical Group Data Breach Affects Over 620,000 People

A cyberattack on ApolloMD, a medical group based in Georgia, USA, has resulted in the leakage of sensitive information about 626,540 people, including names, addresses, diagnostic records, and health insurance and social security numbers. The hackers breached the system in May, and the incident was staged by the Qilin ransomware group, which has repeatedly targeted the healthcare industry, releasing information on an average of about 40 victims per month over the last year....
Learn more

Six Million Oracle Cloud Users' Data Suspected to be Leaked

Hacker Rose87168 claimed to have hacked into Oracle's cloud SSO server and stolen 6 million user authentication data for sale on the dark web, and is suspected to have exploited the vulnerability of the old software to even build files on its server. oracle adamantly denied that it had been hacked, but quickly took down the server involved, and BleepingComputer verified that the hacker's data samples were true, which has triggered a test of cloud security. The incident has triggered a test of trust in cloud information security....
Learn more

Unauthorized Access to SoundCloud Backend Assistance Dashboard HIBP Alleges About 29.8 Million Account Data Exfiltrated

SoundCloud's backend assistance dashboard was accessed without authorization, and HIBP pointed out that about 29.8 million account information was exfiltrated, including about 30 million individual email addresses, no passwords and financial information. The platform was hit by a DoS attack after processing, the attacker harassed the relevant people by email and claimed to hold sensitive information, the platform has strengthened protection, HIBP has recorded the incident, the official reminded users to guard against phishing....
Learn more

AT&T Data Breach Settlement Pending Judge's Final Ruling

AT&T has reached a $177 million settlement, pending judge's approval, for two serious data breaches in 2024. The incidents involved the disclosure of sensitive data and telephone numbers of 73 million users, and the settlement was split between the two incidents, with the legal team claiming about one-third of the costs. The State of Connecticut has stepped up data privacy enforcement over the same period, reflecting the tightening of digital security regulations in the U.S. AT&T users are still awaiting judgment and compensation....
Learn more

HKCERT Releases "Hong Kong Cyber Security Outlook 2026" Cyber Security Incidents Rise by 27% Annually, Hitting New Highs AI Applications and Supply Chain Risks Become a Concern Nearly 30% of Enterprises Still Don't Have Manpower to Take Charge of Cyber Security

According to Media OutReach Newswire, the Hong Kong Cyber Security Incident Response Team Coordination Center (HKCERT), a division of the Hong Kong Productivity Council (HKPC), held a media briefing to announce its annual "Hong Kong Cybersecurity Outlook 2026" on January 28, 2026,...
Learn more

Nike attacked by ransomware group WorldLeaks 1.4TB of trade secrets leaked Hong Kong supplier worried about the implication

Nike, the global sportswear giant, was attacked by the international ransomware organization WorldLeaks in January 2026, which involved the theft of 1.4 terabytes of internal data and a total of 188,347 files, and the hackers even set up a countdown timer to threaten to disclose all the contents, which has aroused the concern of the global business community and cybersecurity industry....
Learn more

Hong Kong privacy regulator records 20% increase in data leakage incidents, one-third of which involve hacking attacks.

Hong Kong's privacy regulator recorded nearly 250 data leakage incidents last year, an increase of more than 20% over the previous year, with one-third of the incidents involving hacking attacks, according to the HKFC....
Learn more