Number tracking app Truecaller has fixed a bug in its Android app which could potentially allow hackers to retrieve personal information of users and change details – including call block settings – without a user's consent. The company, however, claimed that no information was compromised due to the bug.
"We recently found a potential issue, and have reacted quickly to fix it. Although we haven't encountered any suspicious activity, we still need to make sure that we are proactive to protecting and dismantling any potential issues," the company said in a blog post.
Cheetah Mobile had recently reported that Truecaller uses a device's International Mobile Station Equipment Identity (IMEI) number to assign identities to its users. Meaning, anyone gaining access to the IMEI of a device could get personal information – like contact number, home address, mail box, gender, etc – of a user and tamper app settings without a user's consent, exposing them to malicious phishers.
IMEI is a unique number assigned to all cellular devices as well as some satellite phones. It is usually found printed inside the battery compartment of a phone, but can also be checked on-screen on most phones by entering *#06# on the dialpad, or in the system information in the settings menu.
The cyber security bloggers had notified the company who took immediate steps to roll-out a relevant update last week. However, many users might still be at risk if they have not updated to the latest version of the app. Click here to download the latest version.
Truecaller is also available for iOS, Windows Phone, BlackBerry OS, Series 40, Symbian s60, Firefox OS, and Tizen. It is one of the most popular number-blocking apps and helps users track spammers, reject their calls and block them. The premium version of the app also lets you block messages from spammers and those from whom you don't want to receive calls or messages.