Encrypted instant messaging service Telegram has denied hackers breached its systems to gain the telephone numbers of 15 million Iranian users.
Checks on phone numbers had revealed "publicly available data", it said.
But it admitted that hackers may have compromised more than a dozen accounts by intercepting SMS verification codes but added this was not a "new threat".
It said users in "certain countries" should use "two-step verification to protect your account with a password".
Collin Anderson, a security researcher working with human rights group Amnesty, said hackers had "identified" the phone numbers of 15 million Iranian users and "compromised" more than a dozen Iranian accounts.
They had gained entry to the accounts after SMS codes sent to users wishing to log on to the service from a new phone had been "intercepted", he said.
Using the codes, the hackers could add new devices to a person's Telegram account, enabling them to read chat histories and new messaging, Mr Anderson said.
The use of SMS codes was a particular problem in a country where mobile companies were owned or influenced by the government, he said.
"We have over a dozen cases in which Telegram accounts have been compromised through ways that sound like basically co-ordination with the cell-phone company," he said.
The attacks - by hacking group as Rocket Kitten, which regularly carries out "a common pattern of spear-phishing campaigns reflecting the interests and activities of the Iranian security apparatus" - could have jeopardised the communications of activists, journalists and other users in sensitive positions in Iran, he added.
