Meta Platforms is getting surrounded with unwanted challenges one after another. A new report claims that a hacker hacked WhatsApp and stole personal data from around 500 million users. To make the situation even more worrisome for the WhatsApp management team the hacker has allegedly put the data up for sale on the internet.
Despite all the claims and security measures, including end-to-end encryption, by WhatsApp, a hacker was able to gain access to the millions of WhatsApp users’ data. Usually, WhatsApp, which has over 2 billion monthly active users, is considered one of the safest mobile messaging apps on all devices. However, the incident has, once again, brought the focus back to the debate related to users’ data privacy.
The report states that an actor advertised in a hacking forum claiming to be in possession of over 487 million WhatsApp users’ data, including their mobile numbers, and was willing to sell it. The hacked WhatsApp data is claimed to be of users belonging to 84 countries, and 32 million users are from the USA.
The list of compromised data also includes user data from France, Italy, Saudi Arabia and Turkey. Interestingly, he didn’t claim that if the hacked users’ data list includes India or not. However, few media reports have claimed that the hacked WhatsApp data also includes the sensitive personal data of over 60 lakh WhatsApp users from India.
The US database of WhatsApp users can be purchased for $7,000, while the UK and Germany databases are available for purchase at $2,500 and $2,000, respectively.
Cybernews asked for a sample and the hacker provided it. It contained user data from 1,097 US phone numbers and 817 UK phone numbers. These phone numbers can be used to impersonate others and could also be used in phishing or fraudulent activities.
The parent company Meta has gone into damage control mode and is yet to pass any official statement on the incident. It is believed that WhatsApp data containing around 500 million users was obtained via web scraping and harvesting. In this way, hackers make use of an automated tool which collects data from a particular service. This is a violation of WhatsApp’s terms.
WhatsApp hack: Always on target
This is not the first time when hackers or cybercriminals aimed at WhatsApp. Hackers have been trying to make use of any possible loophole in WhatsApp for some time. In 2017, a major bug was identified in WhatsApp which allowed hackers to take control of a user’s account. WhatsApp identity theft and hackers using WhatsApp to spy on users were other concerning incidents that left hundreds of millions of WhatsApp users stunned in the past.
Update 1: 18:40 Hr: A spokesperson of WhatsApp has refuted all claims related to WhatsApp data leak reports. He said that there was no evidence of ‘data leak’.
“The claim written on Cybernews is based on unsubstantiated screenshots. There is no evidence of a ‘data leak’ from WhatsApp,” the WhatsApp spokesperson said.
He also clarified that the purported list of phone numbers, which is up for sale, is just a random dump of phone numbers, and not the personal information of WhatsApp users.