Iranian Police Confirm Hacking and Data Breach of 20 Million Irancel Users

Iranian police have confirmed the hacking and publication of data belonging to 20 million Irancel phone subscribers and stated they are searching for the perpetrator or perpetrators.

Colonel Hossein Ramezani, legal and international deputy of the Police Cyber Space Center (FCPA) said today, July 2 (12th of Tir), to the MEHR news agency: “Recently, an individual designed a bot on one of the mobile social networks and proceeded to publish old data of that operator’s [Irancel’s] subscribers. The legal department of the phone operator immediately filed a complaint in court against the bot creator and the person distributing the data.”

Mr. Ramezani stated: “Currently, there is no reason for concern and from a technical and specialized perspective, this operator has implemented appropriate security measures to protect and respect the privacy of its users.”

The Ministry of Information and Communications Technology also announced that the bot has been blocked.

The Etemaad newspaper in its Tehran edition reported that for the past two days, “a Telegram bot, when Irancel numbers are entered, publicly released private information of the number owner such as name, surname, national ID code, city of residence, home address, and postal code.”

Officials of the Ministry of Communications confirmed that the theft of Irancel subscriber data occurred two years ago, but the Etemaad newspaper states that Irancel kept the data theft hidden during this period, which according to the newspaper “could provide the groundwork for various types of fraud.”

Based on reports from Iranian media, Irancel has made its explanation regarding the hacking and disclosure of its subscribers’ data “conditional upon completing its information.”

Source: BBC