According to reports, a hacker uploaded a dataset to the dark web that contained the private data of around 500 million WhatsApp users.
The hacker claimed in the post, which was published on the hacking forum BreachForums on November 16, to be in the business of selling current personal data for 487 million WhatsApp users in 84 different countries. In the post, the suspected hacker promised to provide “very recent mobile numbers” of WhatsApp users to anybody who purchased the databases.
CyberNews, a technology news website, claimed to have “investigated” a sample of the data set provided by the hacker when it first reported the leak. The assertions made by the hacker were “likely…to be genuine,” according to CyberNews, because the website was able to confirm that 1,914 phone numbers provided by the malicious party actually belonged to WhatsApp users.
The information for 32 million US users, 11 million UK users, and 6 million German users is allegedly contained in the 487 million records, according to the bad actor. According to CyberNews, the hacker said that they were asking US$7,000, US$2,500, and US$2,000 for each of these data sets.
The hacker just stated that they had “applied their method” to get such a significant amount of user data; they made no mention of how they had done so.
This information was released just a few days after it was claimed that Meta, the parent company of WhatsApp, had dismissed staff members for allegedly violating Facebook’s terms of service by breaking into users’ accounts.
Since then, Meta has denied the data leak, with an anonymous official supposedly getting in touch with numerous news outlets that had covered the incident on November 28. These news outlets report that the spokesman claimed that there is “no evidence of a ‘data leak’ from WhatsApp” and that the CyberNews piece is based only on “unsubstantiated screenshots.”
As of this writing, neither WhatsApp nor its parent firm Meta have issued an official statement regarding the potential data leak.