Update:
"The claim written on Cybernews is based on unsubstantiated screenshots. There is no evidence of a ‘data leak’ from WhatsApp." – a WhatsApp Spokesperson
Also pls note – On -background: the purported list is a set of phone numbers – and not “WhatsApp user information”
Additionally, the reporter of the Cybernews article has also tweeted that there's no evidence of a data hack/ leak on WhatsApp. Please refer below to her tweet:
https://twitter.com/lapienyte/status/1596529745411334145?ref_src=twsrc%5Etfw
An investigation done by Cybernews has revealed that updated account data including phone numbers of about 500 million WhatsApp users has been leaked and put up on sale on a hacking forum. This leak had come to surface on November 16, when one of the hackers had put up a post on a hacking community forum, advertising the data breach.
The modus operandi of the hacker seems to be unclear at the moment. However, as per the claims made by Cybernews based on the data that was shared with them from the leak, has phone numbers of users that are actually a part of the active user pool of the platform which sits at two billion active users across the world. This means that 1/4th of the total user base of the platform is at risk.
It was also found that the users whose data is included in the leak, are from 84 different nationalities. This includes countries like Australia, Belgium, and even the US. AT the time of writing, the most probable method used by the hackers to obtain the information seems to be data scraping, which has earlier been used to gather data of users from other social platforms.
While this practice is against Terms of Service of WhatsApp, which is the platform in question at the moment, experts from Cybernews have questioned the stance of Meta when it comes to providing protection against such moves by actors with malicious intent. “We should ask whether an added clause of 'scraping or platform abuse is not permitted in the Terms and Conditions' is enough. Threat actors don't care about those terms, so companies should take rigorous steps to mitigate threats and prevent platform abuse from a technical standpoint,” head of Cybernews research team Mantas Sasnauskas said.
There have been previous instances of such leaks, even on Meta’s own platforms like Facebook, which last year suffered a data leak of similar scale. This leaves us with questions about so many things. The most prominent of which remains, “Are they protective enough?”. Such questions are best left for experts to answer for now. All we can do is adopt the best practices that we can to prevent our data from being a part of such leaks and breaches.
For more technology news, product reviews, sci-tech features and updates, keep reading Digit.in or head to our Google News page.