GetContact

We noticed a significant data exposure event originating from GetContact, a popular caller-identification and spam-blocking service. The initial discovery, surfacing on January 1st, 2021, involved a substantial dataset disseminated through a Telegram channel. What struck us as particularly noteworthy was the sheer volume of personally identifiable information (PII) compromised, impacting nearly 10 million users. The nature of the leaked data, specifically phone numbers and full names, presents a direct pathway for sophisticated social engineering attacks and identity theft.

The GetContact breach, classified as a database and combolist incident, saw the exfiltration of 9,904,168 records. The exposed data primarily consists of phone numbers, first names, and last names. This information was reportedly shared via a Telegram channel, suggesting a potential internal compromise or a sophisticated external actor gaining access to a database dump. The service, widely used for identifying unknown callers and tagging numbers, including significant usage in Ukraine, means the affected population likely spans a broad geographic and demographic range. The combination of phone numbers and names creates a potent tool for attackers seeking to impersonate individuals or conduct targeted phishing campaigns.

While specific news coverage directly detailing the GetContact leak in early 2021 might be fragmented, the broader trend of large-scale data dumps on platforms like Telegram is well-documented. This incident aligns with ongoing OSINT investigations into compromised user databases from various online services. Research by cybersecurity firms frequently highlights the risks associated with aggregated PII, emphasizing how seemingly innocuous data points, when combined, can significantly increase an individual's vulnerability to malicious actors.