It is worth noting that the massive WhatsApp data breach involving over 500 million user data does not appear to include any Indian user data. WhatsApp’s recent data breach still remains a mystery to many of them as it is purely based on the screenshots shared and circulated in media.
WhatsApp is widely regarded as a secure cross-platform instant messaging service that works on nearly any device, thanks to features such as end-to-end encryption. According to a fresh claim, someone managed to data breach and steal the personal data of over 500 million users, which are for sale. Recently an actor advertised on a hacker community forum that he was selling the data of over 487 million WhatsApp users, including their phone numbers. The listing further states that the WhatsApp data breach mystery continues and comprises of users from 84 different nations, including 32 million users from the United States.
The hacked data also includes user information from Egypt, Italy, Saudi Arabia, France, and Turkey. It’s also worth noting that the list contains no user data from India. The US database on WhatsApp users costs US$7,000, while the databases in the UK and Germany cost US$2,500 and US$2,000, respectively.
When asked for a sample, the hacker provided a small set of data containing user data from 1097 phone numbers in the United States and 817 phone numbers in the United Kingdom. These leaked phone numbers could be used for phishing and other fraudulent activities, as well as impersonation.
According to the list, India and Bangladesh were among the nations whose users were affected. On the dark web, you can buy data from over 6.1 million Indian consumers. In Bangladesh, around 3.8 million customers have been affected.
According to the list, some users from China, where WhatsApp is prohibited, have also been affected. It also includes 2.5 million users from Qatar, which is hosting the FIFA World Cup 2022. According to the list, the data breach was global in scope, affecting countries across multiple continents.
Egypt, an African country, topped the list, with almost 44.8 million people targeted in the incident. Italy, the United States, Saudi Arabia, and France round out the top five. With 130k users affected, Indonesia was the least affected country.
While it is unclear how the hacker obtained WhatsApp data, the article suggests that “scraping” might be one method. “Scraping” is a data collection technique that frequently employs bots. The method is against WhatsApp’s terms of service.
Meta has not yet replied to this change. It is now assumed that the WhatsApp data of around 500 million people were collected by online scraping or web harvesting, which involves the use of an automated data tool to collect data from a specific service, which violates WhatsApp’s terms of service.
Over 533 million user details were exposed on a secret forum by Meta, which has long been chastised for allowing third parties to scrape or gather user data. The actor was essentially giving away the dataset for free.
Days after a big Facebook data dump made news, a famous hacker site listed an archive of data supposedly collected from 500 million LinkedIn profiles for sale.
Phone numbers that have been leaked might be used for marketing, phishing, impersonation, and fraud.
Mark Zuckerberg, the CEO, and creator of Meta, has stated that WhatsApp is far safer than iMessage. “iMessage lacks end-to-end encryption, which makes it significantly less private and safe than WhatsApp, which also enables group conversations and is compatible with both Android and iPhone devices,” he explained. You may also set social media giant Meta-owned WhatsApp to automatically stop all new chats with a single button push. Last year, we also enabled end-to-end encrypted backups. Which iMessage still lacks completely.”
“In this day and age, we all leave a sizable digital footprint – and internet behemoths like Meta should take all procedures and means to preserve that data,” said Mantas Sasnauskas, director of Cybernews’ research team. “We should consider if an additional language stating that scraping or platform abuse is not authorized in the Terms and Conditions is sufficient.” Threat actors are unconcerned by these rules; thus, businesses must take stringent technological measures to minimize dangers and avoid platform misuse.”