WhatsApp leaked: Facebook-owned WhatsApp (WhatsApp) is surrounded by controversies over its new terms of service, in the meantime a dispute has been linked with WhatsApp. WhatsApp group messages have been leaked on Google. In such a situation, by searching the WhatsApp group on Google, you could read your chat and also join your private group. Due to this mistake of WhatsApp, all the numbers of WhatsApp group of people also became public. Data was leaked on Google in 2019 also
This is not the first time that WhatsApp chat has leaked on Google. Earlier in 2019, many groups and chats were also found in Google search, although WhatsApp has now fixed this bug. This bug of WhatsApp was informed by cyber security researcher Rajasekhar Rajharia. According to the report, around 1,500 WhatsApp group’s invisible links were coming in Google results. Many of these groups were of porn and many belonged to a particular community. Some groups were from Bengali and Marathi.
bug in WhatsApp might have caused the Facebook-owned messaging app to leak the phone numbers of users on Google Search. As per a cybersecurity researcher, the WhatsApp bug has exposed the phone numbers of around 29,000 to 300,000 users online. This bug has arisen due to a Click to Chat feature on WhatsApp, however, the researcher claims that the issue is not very serious.
“WhatsApp web portal has leaked around 29,000 3,00,000 WhatsApp user’s mobile numbers in plain text accessible to any internet user. What makes this finding easy or appears to be simple is that data is accessible on the open web and not on the dark web,” wrote cybersecurity researcher Athul Jayaram in his blog post
The WhatsApp click to chat feature, which has reportedly exposed the numbers of users, allows users to create a link through which users can get in touch with them directly. Jayaram claims that WhatsApp doesn’t encrypt the phone number so when you share the link, you also accidentally expose the phone number in plaintext.
“Your mobile number is visible in plain text in this URL, and anyone who gets hold of the URL can know your mobile number. You cannot revoke it,” said Jayaram told threat post.
For instance, if you have created a link through Click to Chat and shared it on social media platforms, it also shares the number online. Whoever has access to the link, will also get the phone number. He said due to this glitch, several cybercriminals and fraudsters could target users whose numbers are exposed to Google.
What did WhatsApp say on this leak?
On the report of the data leak, WhatsApp said in a statement that since March 2020 WhatsApp has implemented noindex tag for all linked pages, since which these pages are out of Google’s indexing. The company has asked Google not to index these chats.
WhatsApp may be clear on every leak, but somewhere the privacy of WhatsApp is slowly weakening due to which people are looking for other options like Telegram and Signal. Please tell that after the new service condition of WhatsApp, the signal has come in the list of top free apps on the Apple App Store.
“This privacy issue could have been avoided if Whatsapp encrypted the user mobile numbers as well as by adding a robots.txt file disallowing the bots from crawling their domain and a meta noindex tag on the pages. Unfortunately, they did not do that yet and your privacy may be at stake,” he wrote in his blog.
Jayaram had also approached WhatsApp and Facebook regarding the same but WhatsApp rejected the report. “While we appreciate this researcher’s report and value the time that he took to share it with us, it did not qualify for a bounty since it merely contained a search engine index of URLs that WhatsApp users chose to make public. All WhatsApp users, including businesses, can block unwanted messages with the tap of a button,” a WhatsApp spokesperson said in a statement to threat post.