Millions of TrueDialog Users’ Info Exposed In Data Breach, Report Says

Almost 1 billion records were reportedly leaked in a data breach affecting the databases of TrueDialog, a communications company that provides texting services to American companies.

The data that was allegedly hacked includes personal identifying information of text message recipients.

Unfortunately, this means that millions of consumers may be exposed to identity theft and fraud as a result of their information being exposed.

The data breach was discovered by the VPN review website vpnMentor on Nov. 26, 2019. Companies that use TrueDialog were contacted on Nov. 28, 2019, and action to deal with the problem was taken on Nov. 29, 2019.

According to vpnMentor, the database that was affected by the cyber breach included 604 GB of data. vpnMentor says that a database of this size is rare, especially when the information contained in the database is so varied.

Reportedly, not only client information was compromised, but so was information about the company, TrueDialog.

When it comes to client information that was exposed, this affected TrueDialog account information including email addresses, usernames, cleartext passwords. Reportedly, the passwords were protected by an encryption, but the encryption was one that was easy to decrypt.

SMS messages sent via TrueDialog were also exposed. Allegedly, information about the recipients was exposed, including their full name, email addresses, and phone numbers. vpnMentor says that the content of the messages was also exposed, as well as the dates and times the messages were sent, and the status indicators for the messages.

TrueDialog account information was also exposed, giving hackers information about not just the recipients that received the messages, but the senders that use TrueDialog’s services.

Unfortunately, more detailed information about users was also exposed, but vpnMentor explains that it has been difficult to determine how much information beyond personal identifying information was exposed.

vpnMentor goes on to explain that the hackers also gained information about TruDialog’s website traffic, which could expose the site, and not just the company’s database, to further vulnerabilities and information theft. 

vpnMentor warns that companies who use TrueDialog may be subject to account takeover, because their account passwords were compromised. According to vpnMentor, a hacker could change the company’s password and “do an incredible amount of damage.”

A data breach of this magnitude could expose customers to identity theft, fraud, and a range of other problems. Reportedly, scammers could use this level of personal information to craft convincing phishing scams. The more personal information that is exposed, the more targeted a scammer can make a phishing attempt. This means that individuals may fall for it more easily.

Additionally, hackers may sell this information to scammers who could use the personal information for blackmail. They may threaten fraud, or to expose information that an individual may want to protect. 

Furthermore, cybercriminals may use personal information to commit fraud or identity theft. They can use information like email addresses, phone numbers, and full names to open fraudulent accounts in a person’s name, which can imperil an individual’s financial security.

Has your personal information been exposed in a data breach? Tell us about your experience in the comments below.

Read More Lawsuit & Settlement News:

Hy-Vee Class Action Alleges Slow Response to Data Breach

Former Camden Bishop Now One of Many Catholic Priests Accused of Abuse

CenturyLink Class Action Says 2.8M Customers’ Info Exposed In Data Breach

What Valsartan Has Been Recalled?