• Home
  • cyber
  • Telegram: 200M+ Telegram user records shared on a data leak forum
cyber Breach

Telegram: 200M+ Telegram user records shared on a data leak forum

Jan 24, 2026 2 min read
Telegram: 200M+ Telegram user records shared on a data leak forum

Massive Telegram Data Leak Exposes 200M+ User Records on Dark Web Forum

On January 24, attackers posted a dataset containing over 200 million Telegram user records on a popular data leak forum, exposing sensitive information including phone numbers, email addresses, and user IDs. The leaked data spans three databases "Telegram user data," "Source platform," and "Telegram" totaling 44GB when uncompressed.

Researchers from Cybernews analyzed a sample of the data and found 66 million phone numbers, 10 million user records, and 60 million likely Telegram-related entries. While some details may have been scraped from public profiles, the inclusion of non-public data like emails suggests the leak may also incorporate older breaches or unauthorized access.

The dataset’s scale raises concerns about large-scale phishing campaigns, as attackers could exploit the exposed contact information to target users globally. However, the exact origin of the data remains unclear researchers have not confirmed whether it stems from a new breach, aggregated scrapes, or a combination of both. Duplicates in the dataset could also reduce its actual impact.

The post on the data leak forum has remained active since its publication, with daily user engagement indicating ongoing interest among cybercriminals. Telegram has yet to respond to requests for comment.

Separately, the incident follows a December 2023 report by cybersecurity firm NVISO, which revealed an 8.7 billion-record leak from Chinese databases, highlighting a broader trend of massive data exposures in recent months.

Source: https://cybernews.com/security/200m-telegram-user-records-shared-on-a-data-leak-forum/

Telegram Messenger cybersecurity rating report: https://www.rankiteo.com/company/telegram-messenger

"id": "TEL1770739726",
"linkid": "telegram-messenger",
"type": "Breach",
"date": "1/2026",
"severity": "100",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"
{'affected_entities': [{'customers_affected': '200M+ user records',
                        'industry': 'Messaging/Communication',
                        'location': 'Global',
                        'name': 'Telegram',
                        'size': 'Large (millions of users)',
                        'type': 'Technology Company'}],
 'attack_vector': 'Unknown (potentially aggregated scrapes or unauthorized '
                  'access)',
 'data_breach': {'data_exfiltration': 'Yes (posted on dark web forum)',
                 'number_of_records_exposed': '200M+',
                 'personally_identifiable_information': 'Yes (phone numbers, '
                                                        'emails, user IDs)',
                 'sensitivity_of_data': 'High (PII including non-public '
                                        'emails)',
                 'type_of_data_compromised': ['Phone numbers',
                                              'Email addresses',
                                              'User IDs']},
 'date_detected': '2024-01-24',
 'date_publicly_disclosed': '2024-01-24',
 'description': 'On January 24, attackers posted a dataset containing over 200 '
                'million Telegram user records on a popular data leak forum, '
                'exposing sensitive information including phone numbers, email '
                'addresses, and user IDs. The leaked data spans three '
                "databases: 'Telegram user data,' 'Source platform,' and "
                "'Telegram,' totaling 44GB when uncompressed. Researchers from "
                'Cybernews analyzed a sample of the data and found 66 million '
                'phone numbers, 10 million user records, and 60 million likely '
                'Telegram-related entries. The inclusion of non-public data '
                'like emails suggests the leak may also incorporate older '
                'breaches or unauthorized access. The dataset’s scale raises '
                'concerns about large-scale phishing campaigns.',
 'impact': {'brand_reputation_impact': 'High (potential erosion of user trust)',
            'data_compromised': 'Phone numbers, email addresses, user IDs',
            'identity_theft_risk': 'High (exposed PII enables phishing and '
                                   'fraud)',
            'legal_liabilities': 'Potential (regulatory violations under GDPR '
                                 'or other data protection laws)'},
 'initial_access_broker': {'data_sold_on_dark_web': 'Yes (posted on data leak '
                                                    'forum)'},
 'investigation_status': 'Ongoing (origin of data unclear)',
 'motivation': 'Data Exfiltration (potential financial gain via dark web '
               'sales)',
 'post_incident_analysis': {'root_causes': 'Unknown (potentially aggregated '
                                           'scrapes, older breaches, or '
                                           'unauthorized access)'},
 'references': [{'date_accessed': '2024-01-24', 'source': 'Cybernews'}],
 'regulatory_compliance': {'regulations_violated': ['Potential GDPR violations',
                                                    'Other data protection '
                                                    'laws']},
 'title': 'Massive Telegram Data Leak Exposes 200M+ User Records on Dark Web '
          'Forum',
 'type': 'Data Leak'}
Published by
Jeremy C
Jeremy C
You might also like
Great! Next, complete checkout for full access to Rankiteo Blog.
Welcome back! You've successfully signed in.
You've successfully subscribed to Rankiteo Blog.
Success! Your account is fully activated, you now have access to all content.
Success! Your billing info has been updated.
Your billing was not updated.