Freedom Chat, a messaging app launched in June and marketed as a secure platform where phone numbers remain private, has fixed two significant vulnerabilities that exposed sensitive user information. The flaws allowed attackers to guess registered users’ phone numbers and access user-set PINs, which are used to lock the app.
Security researcher Eric Daigle discovered the issues last week and shared them with TechCrunch, noting that Freedom Chat did not have a public vulnerability disclosure mechanism. After receiving an email alert from TechCrunch, app founder Tanner Haas confirmed that PINs for all users had been reset and that a new version of the app had been released.
Haas said the company has now removed instances where users’ phone numbers were visible and has added stricter rate-limiting to prevent automated number-guessing attempts.
Researcher could identify nearly 2,000 users
Daigle’s findings showed that the app’s servers allowed anyone to flood it with millions of phone number guesses, enabling attackers to determine whether a phone number was registered. Using this method, Daigle said he could identify close to 2,000 users who had joined the platform since launch.
He noted that this approach mirrored recent research by the University of Vienna, where academics scraped data on 3.5 billion WhatsApp accounts using bulk phone number matching. More background on these techniques is available on Wikipedia’s page on reverse lookup attacks.
Users’ PINs accidentally broadcast inside public channels
A second flaw revealed that users’ PINs were being leaked within public channels. While examining network traffic, Daigle found that Freedom Chat’s server responses included the PIN codes of every user in the same public channel. This meant anyone in the default channel — which new users automatically join — could receive the PINs of others.
Although these PINs were not visible inside the app’s interface, they were present in backend responses. Daigle warned that such information could allow someone with access to a stolen device to unlock the app and attempt to access conversations.
In its app store update, Freedom Chat said a recent backend change “inadvertently exposed user PINs,” but stressed that no messages were ever accessible as the platform does not support linked devices.
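The over-exposure described above, modelled in Python as an added illustration (this is not Freedom Chat's code, whose backend is not public): a channel-member endpoint that serialises whole stored user records and so ships every member's app-lock PIN, beside a version that returns only an explicit allow-list of fields, plus a check that scans any JSON-like response for secret field names. The record layout, field names and sample data are assumptions constructed for the example.

```python
# Added illustration, not Freedom Chat's code. Record layout, field names and
# the sample users below are constructed assumptions for this example.
from typing import Any

# Constructed sample user records, as a backend might store them.
USERS = {
    "u1": {"id": "u1", "display_name": "alice", "phone": "+15550000001", "pin": "4821"},
    "u2": {"id": "u2", "display_name": "bob", "phone": "+15550000002", "pin": "0913"},
}
CHANNEL_MEMBERS = {"general": ["u1", "u2"]}

# Fields that are safe to show to any other member of a channel (ordered).
PUBLIC_FIELDS = ("id", "display_name")
# Fields that must never leave the server in a response to another user.
SECRET_FIELDS = frozenset({"pin", "phone"})


def members_leaky(channel: str) -> list[dict[str, Any]]:
    """'Before' behaviour: the whole stored record is returned for each member,
    so the PIN (and phone number) of every member reaches every other member."""
    return [dict(USERS[uid]) for uid in CHANNEL_MEMBERS[channel]]


def members_hardened(channel: str) -> list[dict[str, Any]]:
    """'After' behaviour: project each record onto an explicit allow-list.
    Anything not named in PUBLIC_FIELDS cannot be emitted, however the
    stored record grows later."""
    return [{k: USERS[uid][k] for k in PUBLIC_FIELDS if k in USERS[uid]}
            for uid in CHANNEL_MEMBERS[channel]]


def leaked_secret_fields(response: Any) -> set[str]:
    """Walk a JSON-like response (nested dicts/lists) and report any secret
    field names it carries. Suitable as a test assertion on API output or a
    release-time check over captured responses."""
    found: set[str] = set()
    if isinstance(response, dict):
        for key, value in response.items():
            if key in SECRET_FIELDS:
                found.add(key)
            found |= leaked_secret_fields(value)
    elif isinstance(response, list):
        for item in response:
            found |= leaked_secret_fields(item)
    return found


if __name__ == "__main__":
    print("leaky:", leaked_secret_fields(members_leaky("general")))  # {'pin', 'phone'}
    print("hardened:", leaked_secret_fields(members_hardened("general")))  # set()
```

Running the check against the leaky endpoint flags both secret fields; against the allow-listed version it finds none.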
History of earlier security lapses
The incident has drawn renewed attention to founder Tanner Haas’ earlier app, Converso, which was delisted from app stores after security flaws exposed private messages and media. Given that history, experts say robust security audits are essential before promoting new messaging platforms as privacy-focused.
Daigle published his findings in a blog post, describing the flaws as avoidable and calling for improved disclosure systems. He emphasised that he contacted the app only through TechCrunch due to the lack of a formal reporting channel.
Developers promise improvements
Haas has pledged that Freedom Chat will strengthen backend protections and introduce more rigorous testing processes. The company also assured users that privacy remains its “top priority.”
As digital communication becomes increasingly central to daily life, the episode reinforces the importance of transparency and security in apps that claim to safeguard personal information. It also underscores the need for users to stay aware of how their data is stored and protected.
