Artificial IntelligenceCryptocurrencyMetaverseCybersecurityTech Forward

How Someone Allegedly Hacked Into Activists’ Telegram Accounts

May 6, 2016, 2:36 PM UTC
TechCrunch Disrupt SF 2015 - Day 1
SAN FRANCISCO, CA - SEPTEMBER 21: Pavel Durov, CEO and co-founder of Telegram speaks onstage during day one of TechCrunch Disrupt SF 2015 at Pier 70 on September 21, 2015 in San Francisco, California. (Photo by Steve Jennings/Getty Images for TechCrunch)
Photograph by Steve Jennings via Getty Images

Two Russian activists have threatened to sue the mobile operator MTS for allegedly aiding the hacking of their accounts on the encrypted messaging service Telegram.

Telegram suspects the Russian authorities were behind the episode in order to get information about the activists’ communications.

This wasn’t technically a hack of Telegram itself. Instead, according to the activists, Oleg Kozlovsky and Georgy Alburov, MTS temporarily disabled the text messaging services on their phones.

Get Data Sheet, Fortune’s technology newsletter.

Someone then requested log-in codes for the activists’ Telegram accounts, which the service sends via SMS. With Kozlovsky and Alburov not receiving their text messages, that someone then intercepted the messages containing those codes.

Alburov is an anti-corruption activist, and Kozlovsky has organized trips to Ukraine for journalists and activists.

Telegram CEO Pavel Durov sees the episode as evidence that Russia’s security apparatus have started pressuring local operators without court orders. “Democratic countries typically try to avoid intercepting SMS without a court order, because such measures are highly visible and can lead to public uproar,” he told the Financial Times.

Markus Ra, Telegram’s spokesman, told Fortune that the activists should have used the app’s two-step verification process so the attackers would have needed to enter both passwords and login codes in order to access their accounts.

For more on encrypted messaging, watch:

“Our investigation showed that MTS did not deliver the codes to the users’ devices,” Ra said. “We’ve introduced two-step verification to our apps more than a year ago to avoid exactly this kind of scenario.”

Fortune repeatedly tried to get through to MTS’s media relations department, but was not successful.