3bn mobile phone numbers and identities are stored on popular caller ID and phone blocking apps, a FactWire investigation has found.

The apps, which include Sweden’s Truecaller, China’s CM Security and Israel’s Sync.me, were found to contain the numbers of several government officials, legislators and celebrities, as well as members of the public.

Among these, the investigation found, are Hong Kong’s chief executive Leung Chun-ying and chief secretary for administration Carrie Lam Cheng Yuet-ngor.

The revelation raises concerns about data security. Truecaller suffered a data breach in 2013, but insisted that no sensitive information had been exposed. It told the BBC that “Truecaller is not in violation of the data protection laws in Sweden, nor across the EU as a whole.”

The databases of the apps are compiled using the user’s phone book and recent contacts. As a result, a large proportion of those listed on the database are not users, and have not provided permission for their numbers to be filed by the apps.

Once this information has been shared, others who have the app will be notified when they are being called by, or calling, one of those on the list. The numbers cannot be obtained by entering somebody’s name but an unknown number can be entered to find out the person’s identity.

The BBC reported that, in its own research, it had found the databases to include the numbers of former Prime Minister David Cameron, Labour leader Jeremy Corbyn, Transport Secretary Chris Grayling, Tom Daley and Pete Waterman.