Telegram has disclosed that it fulfilled 900 requests from U.S. government agencies in 2024, sharing phone numbers or IP addresses of 2,253 users with law enforcement. This follows a major policy shift in September 2024, when the platform expanded its data-sharing policy.
Previously, Telegram only shared such data in cases involving terrorism, fulfilling just 14 requests affecting 108 users until late September. The updated privacy policy now allows Telegram to provide user data for other criminal investigations, including cybercrime, the sale of illegal goods, and online fraud.
“If Telegram receives a valid order from the relevant judicial authorities that confirms you’re a suspect in a case involving criminal activities that violate the Telegram Terms of Service, we will perform a legal analysis of the request and may disclose your IP address and phone number to the relevant authorities,” the revised privacy policy states.
The policy change followed increasing pressure from law enforcement and culminated in the arrest of Telegram founder and CEO Pavel Durov in France in August. Durov faces charges of complicity in cybercrime, organized fraud, and refusing to cooperate with legal interception orders.
While the platform is widely used for communication and evading censorship, it has also been exploited for cybercrime, such as selling stolen data, conducting attacks, and serving as a command-and-control channel for malware.
Although some cybercrime groups have announced plans to leave Telegram, reports suggest little has changed in its usage by threat actors. In December, cybercrime intelligence firm KELA noted that the landscape remained largely the same, despite Telegram’s increased cooperation with law enforcement.
