Sign up to our newsletter
The latest security news direct to your inbox
The popular messaging app Tango has been hacked – and hacker group Syrian Electronic Army (SEA) claims to have accessed “millions” of users’ personal details, downloading 1.5 terabytes of information including private phone numbers, contact lists and emails.
The app is used by more than 100 million people. Tango confirmed the breach via its Twitter feed, saying, “Tango experienced a cyber intrusion that resulted in unauthorized access to some data. We are working on increasing our security systems.” The company also apologized, saying, “”We sincerely apologise for any inconvenience this breach may have caused our members.”
“Much of the information in the databases that were downloaded will be delivered to the Syrian government,” the group claimed in a post on its website. “ The databases content a of millions of the app users phone numbers and contacts and their emailsMore than 1,5 TB of the daily-backups of the servers network has been downloaded successfully.”
The hackers reportedly gained access due to Tango’s use of an outdated version of WordPress, according to E Hacking News.
The group also targeted chat app Viber this week, although the company claims only minor systems were affected.
“Today the Viber Support site was defaced after a Viber employee unfortunately fell victim to an email phishing attack,” the company said in a statement. “The phishing attack allowed access to two minor systems: a customer support panel and a support administration system. Information from one of these systems was posted on the defaced page.”
In a post on its official site, the SEA claimed to have, “hacked today the website and the database of the Israeli-based “Viber” app The SEA downloaded some of the app databases And after we gain access to some systems of that app, it was clear for us that the propuse of this app is spying and tracking of its users The SEA hacked the support page of the Viber app and uploaded screenshots of one of the app systems in addition to the app administrators names/phone numbers.”
Author Rob Waugh, We Live Security