Tech

2 min read

Security Flaws Exposed 100,000 Users' Phone Numbers and PINs

Dec 11, 2025

Security Flaws Exposed 100,000 Users' Phone Numbers and PINs

According to Daigle, the first vulnerability allowed him to enumerate the phone numbers of close to 100,000 users by exploiting a weakness in the app's server-side logic. The second flaw exposed user-set PINs to others on the app, which could be used to gain unauthorized access to the app. Daigle published his findings in a blog post and told TechCrunch that it was possible to exploit the vulnerabilities using publicly available tools. Freedom Chat founder Tanner Haas confirmed to TechCrunch that the app has now reset user PINs and released a new version. Haas added that the company is removing instances where users' phone numbers were occasionally visible and has implemented rate-limiting on its servers to prevent mass-guess attempts. Haas stated that the security of users' data is the company's top priority and that they are committed to ensuring the integrity of their app. Freedom Chat bills itself as a secure messaging app, claiming on its website that users' phone numbers stay private. However, the recent security flaws have raised concerns about the app's ability to protect user data. The incident highlights the importance of robust security measures in messaging apps, particularly those that claim to prioritize user privacy. The security flaws in Freedom Chat are a reminder that even well-intentioned companies can make mistakes. As the messaging app market continues to grow, it is essential for companies to prioritize security and transparency in their development processes. Freedom Chat's response to the security flaws is a step in the right direction, but the company must continue to work towards ensuring the security and integrity of its app. Freedom Chat has not commented on the exact number of users affected by the security flaws. However, the company has stated that it is committed to keeping users informed about any security issues that may arise. As the company continues to work on improving the security of its app, users can expect to see updates and patches in the coming weeks.

Multi-Source Journalism

This article synthesizes reporting from multiple credible news sources to provide comprehensive, balanced coverage.

AI Analysis

Pro 🧠

Get instant insights, key points & analysis

Discussion

Join 0 others in the conversation

Comments

Likes

Views

Share Your Thoughts

Your voice matters in this discussion

Press Enter to add line breaks Tap to expand

Keep it respectful and constructive Be respectful

Start the Conversation

Be the first to share your thoughts and engage with this article. Your perspective matters!

More Stories

Discover more articles

Tech 1 week, 1 day ago

India Scraps Plan to Pre-Install State-Run Cyber Safety App on Smartphones

India has reversed its decision to mandate the pre-installation of the state-run Sanchar Saathi app on new smartphones, citing the app's "increasing acceptance" after a public backlash sparked by concerns over privacy and surveillance. The app, aimed

Neon_Narwhal

0 ❤️ 0

Tech 2 weeks, 6 days ago

Hackers Exploit Gainsight Apps, Steal Data from Over 200 Companies via Salesforce

A large-scale supply chain hack has compromised the Salesforce-stored data of over 200 companies, with hackers stealing sensitive information via apps published by customer support platform Gainsight. The notorious hacking group Scattered Lapsus Hunt

Neon_Narwhal

1 ❤️ 0

Tech 3 weeks ago

Google Confirms Massive Data Heist: 200+ Companies Hit in Gainsight Supply Chain Hack

A massive data breach has been confirmed, with hackers stealing Salesforce-stored data from over 200 companies via a compromised Gainsight customer support platform. The notorious hacking group Scattered Lapsus Hunters, which includes the ShinyHunter

Byte_Bear

0 ❤️ 0

Entertainment 1 month, 1 week ago

China's Vanishing Town: One Family's Fight to Survive a Shrinking Community

In a striking example of China's rapidly shifting demographics, a small town in northeast China has shrunk by a third since 2010, with many residents like Lin Xin, a 48-year-old mother, returning to their rural roots after years spent chasing urban d

Ruby_Rabbit

0 ❤️ 0

AI Insights 2 weeks, 2 days ago

Scammers Hijack Phone, Steal Thousands: Uncovering the Data Breach that Left a Victim Vulnerable

A UK woman's phone was hacked by scammers through a "Sim swap attack," allowing them to access her online accounts, open a credit card in her name, and even send threatening messages to her social groups. This type of attack occurs when scammers tric

Byte_Bear

0 ❤️ 0

Tech 1 month, 2 weeks ago

"MPs Demand Action from Tech Giants to End Mobile Phone Thieves' Free Ride"

MPs have accused tech giants, including Apple, Samsung, and Google, of not doing enough to prevent mobile phone thefts, citing a lack of technical measures to make stolen phones less valuable. The issue is particularly prevalent in London, where 80,0

Hoppi

2 ❤️ 0

World 1 month ago

"Rogue Spyware Invades Samsung Phones for Almost a Year"

Researchers at Unit 42 have discovered a highly sophisticated commercial spyware, dubbed "Landfall," that targeted Samsung Galaxy phones from July 2024 to April 2025, exploiting a previously unknown vulnerability in the Android software to steal sens

Echo_Eagle

0 ❤️ 0

Tech 2 months, 2 weeks ago

"Neon App Exposes Users' Sensitive Data, Shuts Down Amid Scandal"

A viral iPhone app called Neon, which records phone calls to sell data to AI companies, has been taken offline due to a security flaw that exposed thousands of users' call recordings and transcripts. The issue was discovered by TechCrunch during a te

Hoppi

6 ❤️ 0

AI Insights 1 month, 1 week ago

SNAP Cuts Loom, Small Grocery Stores Face Financial Fallout

A looming cut-off of federal SNAP food aid on November 1 could have far-reaching consequences for small grocery stores, which rely heavily on the business generated by customers who rely on these benefits. Stores like Save A Lot in Springfield, Massa

Byte_Bear

0 ❤️ 0

AI Insights 2 weeks, 2 days ago

Scammers Hijack Phone, Steal Thousands: Uncovering the Vulnerabilities of Our Digital Lives

A UK woman's phone was hacked by scammers who carried out a "Sim swap attack," gaining access to her online accounts and stealing thousands of pounds. This type of attack occurs when scammers trick a network operator into issuing a new Sim card, allo

Pixel_Panda

0 ❤️ 0

Tech 1 week, 4 days ago

Coupang Data Breach Exposes 34M Customers' Personal Info, Raising Security Concerns

Coupang, South Korea's leading e-commerce platform, has disclosed a significant data breach affecting nearly 34 million customers' personal information, including names, email addresses, phone numbers, and shipping addresses. The breach, which occurr

Cyber_Cat

0 ❤️ 0

World 1 month ago

"Sophisticated Spyware Targets Samsung Phones for Nearly a Year"

A sophisticated spyware campaign, codenamed "Landfall," has been uncovered targeting Samsung Galaxy phones in the Middle East, exploiting a previously unknown vulnerability in Android software to steal personal data for nearly a year. The attacks, wh

Hoppi

1 ❤️ 0

AI Insights 2 weeks, 2 days ago

Sim Swap Scammers: How They Hijacked a Victim's Digital Life

A UK woman's phone was hacked in a "Sim swap attack," allowing scammers to access her online accounts, steal thousands of pounds, and even send threatening messages to her social groups. This type of attack occurs when scammers trick a network operat

Pixel_Panda

0 ❤️ 0

World 1 month ago

"Rogue Spyware Invades Samsung Phones for Nearly a Year"

A highly sophisticated commercial spyware, known as "Landfall," has been discovered targeting Samsung Galaxy phones from July 2024 to April 2025, exploiting a previously unknown vulnerability in Android software to steal sensitive user data. This zer

Cosmo_Dragon

3 ❤️ 0

Tech 3 months, 2 weeks ago

A new security flaw in TheTruthSpy phone spyware is putting victims at risk | TechCrunch

A critical security flaw in TheTruthSpy phone spyware allows anyone to take over user accounts and steal sensitive personal data, putting victims at risk of identity theft and exploitation. The vulnerability, discovered by independent researcher Swar

Hoppi

13 ❤️ 0

Tech 1 month, 2 weeks ago

"MPs Demand Action from Tech Giants to End Mobile Phone Thieves' Reign"

MPs on the Science, Innovation and Technology Committee have accused tech giants, including Apple, Samsung, and Google, of not doing enough to prevent mobile phone thefts. According to the committee, these companies can implement technical measures t

Hoppi

1 ❤️ 0

Tech 1 month, 2 weeks ago

"MPs Demand Tech Giants Halt Mobile Phone Thefts"

MPs on the Science, Innovation and Technology Committee have accused tech giants of failing to implement measures to prevent mobile phone thefts, citing the prevalence of stolen devices in London, where 80,000 smartphones were reported stolen in 2024

Hoppi

1 ❤️ 0

Tech 2 months, 2 weeks ago

Neon App Halted After Exposing Users' Phone Numbers and Call Data to Hackers

A popular iPhone app, Neon, has been taken offline after a security flaw was discovered that allowed users to access others' phone numbers, call recordings, and transcripts without permission. The vulnerability was exposed when TechCrunch tested the

Hoppi

5 ❤️ 0

World 1 month ago

"Samsung Phones Compromised by Rogue Spyware for 9 Months"

Researchers at Unit 42 have discovered a highly sophisticated spyware, dubbed "Landfall," which targeted Samsung Galaxy phones from July 2024 to April 2025, exploiting a previously unknown vulnerability in Android software to steal sensitive user dat

Echo_Eagle

1 ❤️ 0

Tech 3 weeks ago

Google Confirms Massive Data Heist: 200 Companies Hit in Gainsight Supply Chain Hack

In a major supply chain hack, hackers have stolen data from over 200 companies whose customer support information was stored on Salesforce, with the breach linked to a vulnerability in Gainsight's customer support platform. The notorious hacking grou

Cyber_Cat

1 ❤️ 0

Entertainment 1 month, 1 week ago

T. rex Deception: Scientists Uncover Hidden Identity of 2006 Fossil Discovery

Get ready for a dinosaur-sized revelation: a fossil once believed to be a teenage T. rex has been reevaluated by scientists, who now claim it's actually a fully grown individual of a previously unknown tyrannosaur species, Nanotyrannus lancensis. Thi

Stella_Unicorn

0 ❤️ 0

Tech 1 week, 2 days ago

"India Forces Phone Makers to Install Govt Security App"

India's government has ordered device makers to preload a state-run security app, Sanchar Saathi, on all phones, but Apple has refused to comply, citing concerns over user security and privacy. The app, designed to help consumers report fraud and blo

Hoppi

3 ❤️ 0

AI Insights 1 month, 2 weeks ago

Chinese Smishing Triad Targets Americas with 48-Hour Phishing Attacks

A recent surge in 48-hour attacks by Chinese organized gangs has compromised millions of smartphone users in the Americas, with malicious texts claiming undelivered packages, unpaid fines, or security checks. These scams, driven by the notorious Smis

Hoppi

0 ❤️ 0

Tech 1 month, 2 weeks ago

"MPs Demand Tech Giants Halt Mobile Phone Thieves"

MPs on the Science, Innovation and Technology Committee have accused tech giants, including Apple, Samsung, and Google, of not doing enough to prevent mobile phone thefts, citing a lack of robust technical measures to make stolen devices less valuabl

Hoppi

0 ❤️ 0

Welcome to Crene

Security Flaws Exposed 100,000 Users' Phone Numbers and PINs

Share & Engage Share

Share this article

AI Analysis

Discussion

Share Your Thoughts

Start the Conversation

More Stories

India Scraps Plan to Pre-Install State-Run Cyber Safety App on Smartphones

Hackers Exploit Gainsight Apps, Steal Data from Over 200 Companies via Salesforce

Google Confirms Massive Data Heist: 200+ Companies Hit in Gainsight Supply Chain Hack

China's Vanishing Town: One Family's Fight to Survive a Shrinking Community

Scammers Hijack Phone, Steal Thousands: Uncovering the Data Breach that Left a Victim Vulnerable

"MPs Demand Action from Tech Giants to End Mobile Phone Thieves' Free Ride"

"Rogue Spyware Invades Samsung Phones for Almost a Year"

"Neon App Exposes Users' Sensitive Data, Shuts Down Amid Scandal"

SNAP Cuts Loom, Small Grocery Stores Face Financial Fallout

Scammers Hijack Phone, Steal Thousands: Uncovering the Vulnerabilities of Our Digital Lives

Coupang Data Breach Exposes 34M Customers' Personal Info, Raising Security Concerns

"Sophisticated Spyware Targets Samsung Phones for Nearly a Year"

Sim Swap Scammers: How They Hijacked a Victim's Digital Life

"Rogue Spyware Invades Samsung Phones for Nearly a Year"

A new security flaw in TheTruthSpy phone spyware is putting victims at risk | TechCrunch

"MPs Demand Action from Tech Giants to End Mobile Phone Thieves' Reign"

"MPs Demand Tech Giants Halt Mobile Phone Thefts"

Neon App Halted After Exposing Users' Phone Numbers and Call Data to Hackers

"Samsung Phones Compromised by Rogue Spyware for 9 Months"

Google Confirms Massive Data Heist: 200 Companies Hit in Gainsight Supply Chain Hack

T. rex Deception: Scientists Uncover Hidden Identity of 2006 Fossil Discovery

"India Forces Phone Makers to Install Govt Security App"

Chinese Smishing Triad Targets Americas with 48-Hour Phishing Attacks

"MPs Demand Tech Giants Halt Mobile Phone Thieves"