The defacement, now removed and replaced by a 403 Forbidden notice, said, "The Israeli-based 'Viber' is spying and tracking you. We weren't able to hack all Viber systems, but most of it is designed for spying and tracking." The inclusion of a screenshot containing user information is designed to confirm the accusation.
Meanwhile, SEA also posted a tweet saying, "Warning: If you have 'Viber' app installed we advise you to delete it." A link pointed to the defaced page.
Viber has since issued a statement explaining the breach and suggesting the hack was not as serious as SEA has indicated. The breach occurred "after a Viber employee unfortunately fell victim to an email phishing attack. The phishing attack allowed access to two minor systems: a customer support panel and a support administration system. Information from one of these systems was posted on the defaced page."
Viber goes on to stress that no sensitive user data was compromised and the data held in the hacked support system is just basic user data of the type needed to provide support. But Viber does not dismiss the incident. "We take this incident very seriously and we are working right now to return the support site to full service for our users. Additionally, we want to assure all of our users that we are reviewing all of our policies to make sure that no such incident is repeated in the future."
From the information so far available there is nothing to support SEA's claim that Viber tracks its users and stores the type of data that intelligence agencies would like to access. It may be that SEA's motive with the claim and subsequent Twitter warning that users should delete the app is simply to do as much damage to Viber as possible. The ball is now in SEA's court to provide more proof than it has so far.