NumBuster 2018

In 2018 the caller identification service NumBuster suffered a significant data exposure through an API vulnerability. Attackers managed to extract a legitimate API key which allowed them to systematically parse the applications backend database. This incident resulted in the collection of approximately 102 million records primarily belonging to users in Russia. The leaked data consists of mobile phone numbers linked to the specific names and labels assigned to them within various users contact lists. This type of crowdsourced data exposure reveals how individuals are identified by others and poses risks related to social engineering and privacy loss.