Telegram Data Breach: What Happened?

[fatimahislam]

Widely used messaging platform known for its emphasis on privacy and security, has recently been at the center of several significant data breaches. These incidents have raised serious concerns about the platform's ability to protect user data and its role in facilitating cybercrime.
BleepingComputer

The Star Health Incident
In September 2024, a hacker operating under the alias "xenZen" exploited Telegram's chatbot feature to leak over 7 terabytes of sensitive data from Star Health and Allied Insurance, one of India's largest health insurers. The stolen data, affecting more than 31 million customers, included medical records, identification documents, and personal contact information. The hacker used Telegram chatbots to distribute this information, making it accessible to anyone who knew how to request it. Despite Telegram's efforts to remove the bots, new ones continued to surface, demonstrating the challenges in moderating such content .

Earlier in 2024, a massive data dump on Telegram telegram data exposed 361 million stolen account credentials. This data, compiled from various cybercrime channels, included email addresses, passwords, and associated websites. The breach originated from credential-stuffing attacks and information-stealing malware. Security researcher Troy Hunt confirmed that many of the email addresses were valid and linked to real accounts, highlighting the scale and seriousness of the leak .

Telegram's features, such as anonymous chatbots and the ability to share large files, have made it a preferred platform for cybercriminals. The app's minimal content moderation and encryption policies have facilitated the sale of stolen data, illicit drugs, and other illegal activities. In response to growing criticism, Telegram has pledged to enhance its content moderation and cooperate more with law enforcement agencies .

In Bangladesh, Telegram has been implicated in the exposure of personal data from the National Identity (NID) database. A Telegram channel allowed users to input an NID number and date of birth to retrieve detailed personal information, including names, addresses, and photographs. While the Election Commission denied a direct breach of its database, the leak was traced back to weak security measures in institutions accessing the NID system. This incident underscores the global reach of Telegram in facilitating data breaches .
Prothomalo
Reuters

Conclusion
These breaches highlight significant vulnerabilities in Telegram's platform, particularly concerning its content moderation and data protection practices. While Telegram has taken steps to address these issues, the recurring nature of such incidents suggests that more robust measures are needed to safeguard user data and prevent the platform from being exploited for illegal activities.