On Nov. 16, a user posted an ad on a well-known forum frequented by members of the hacking community claiming that he is selling a 2022 database with the mobile phone numbers of over 487 million WhatsApp users. (Related: Despite security assurance, Facebook is reading WhatsApp user messages.)
If confirmed to be accurate, this could potentially be the largest data breach WhatsApp has ever experienced. WhatsApp's parent company, Meta, has experienced bigger data leaks through hacking incidents. One such incident resulted in over 533 million user records from Facebook leaked on a hacking forum, with the hacker sharing the dataset practically for free.
Upon request, the seller of the WhatsApp phone number database shared a sample of the data with researchers from CyberNews. The hacker provided 1,097 numbers from the United Kingdom and 817 numbers from the United States. The site was able to confirm that all of the numbers the hacker provided are, in fact, WhatsApp users.
The seller refused to elaborate on how they obtained the WhatsApp database, only stating that he used some sort of strategy to collect the data.
CyberNews has reached out to Meta but has received no immediate response, and the company seems to want to deny that the data breach exists.
One spokesperson for the company said: "The claim written on CyberNews is based on unsubstantiated screenshots. There is no evidence of a data leak from WhatsApp."
"Additionally, the reporter of the CyberNews article has also tweeted that there is no evidence of a data hack/leak on WhatsApp," the spokesperson added, referencing a statement made by the CyberNews reporter that the possibility of a hack remains "purely speculative."
"This claim is purely speculative. However, quite often, massive data dumps posted online turn out to be obtained by scraping," wrote Jurgita Laienyte for CyberNews.
Scraping, also known as content scraping or screen scraping, is a technique for grabbing data popular among hackers and fraudsters that involves using a bot or another kind of automated toolset to extract information.
A total of 84 countries and territories were affected by the possible data breach, each having over a million user phone numbers compromised.
The country most affected is Egypt, which has nearly 45 million user phone numbers compromised by the hack. The next most affected is Italy, with 35.6 million phone numbers affected, followed closely by the United States with over 32.3 million user phone numbers compromised.
Other countries with large amounts of data compromised include Saudi Arabia, France, Turkey, Morocco, Colombia, Iraq, Mexico, Malaysia, the United Kingdom, Algeria and Spain, all of whom had at least 10 million user phone numbers compromised by the possible data breach.
The hacker told CyberNews that he is selling the U.S. dataset for $7,000, the U.K. dataset – with over 11.5 million numbers – for $2,500 and the Germany dataset – with over six million numbers – for $2,000.
Personal phone information obtained through these illicit means is mostly used for phishing attacks with the goal of obtaining financial information, such as credit card or bank account information. CyberNews recommends that users try to find out if their phone number was compromised by the data leak and warns them to remain wary of unsolicited calls or messages, especially if they come from unknown numbers.
"In this age, we all leave a sizeable digital footprint – and tech giants like Meta should take all precautions and means to safeguard that data," said CyberNews research team head Mantas Sasnauskas. "We should ask whether an added clause of 'scraping or platform abuse is not permitted in the Terms of Conditions' is enough [to safeguard data]. Threat actors don't care about those terms, so companies should take [even more] rigorous steps to mitigate threats and prevent platform abuse from a technical standpoint."
Learn more about data breaches and hacking incidents at Glitch.news.
Watch this clip from Times Now discussing how to keep personal WhatsApp accounts safe from potential hackers.