The Syrian Electronic Army (SEA) has claimed to have successfully hacked free video and text messaging service Tango.
The organisation, which is loyal to Syrian President Bashar-al-Assad, boasted that it breached Tango's website and back-up, database, managing to steal sensitive personal data, including users' private phone numbers, contacts and email addresses.
The stolen information allegedly amounts to 1.5TB of data.
The SEA said, "Much of the information in the databases that were downloaded will be delivered to the Syrian government."
Tango took to Twitter to confirm the data hack, writing, "Tango experienced a cyber intrusion that resulted in unauthorized access to some data. We are working on increasing our security systems."
To add proof to its claims, the SEA posted screenshots of the hack to its website, which has prompted Internet security experts to speculate that the hack took place because of Tango's use of an old version of the WordPress content management system.
The latest version of WordPress is 3.5.2, but Tango has been using 3.2.1, according to E Hacking News.
In a subsequent Twitter post, Tango wrote, "We sincerely apologize for any inconvenience this breach may have caused our members."
The reason why Tango in particular was targeted remains unclear.
The SEA rose to prominence with a series of high-profile hacks earlier this year, counting the Guardian, the FT and the BBC amongst its victims.