WhatsApp data breach sees nearly 500 million user records up for sale

UPDATE: Following further investigation, Check Point says it cannot prove the numbers are from WhatsApp, or that this is a recent hack.

In an updated blog post, the company said it “has been claimed” that there  is evidence that the leaked database is actually a re-use of an older 2019 Facebook leak.

A post on a “well-known hacking community forum” claims almost half a billion WhatsApp records have been breached and are up for sale.

The post, which multiple sources have confirmed is likely to be true, claims to be selling an up-to-date, 2022 database of 487 million mobile numbers used on WhatsApp, which contains data from 84 countries.

This means that almost one-quarter of all WhatsApp’s estimated two billion monthly active users are possible at risk.

WhatsApp data breach

More than 32 million of the leaked records are said to be from users in the US, with 11 million from UK users. Other affected nations include Egypt (45 million), Italy (35 million), Saudi Arabia (29 million), France (20 million), Turkey (20 million), and Russia (10 million). 

It seems that individual countries’ data is up for grabs, with the US dataset up for $7,000, and British numbers up for a similar per-capita figure of $2,500.

Most alarmingly, it doesn’t seem to be an empty promise designed to threaten the Meta-owned company, with almost 2,000 numbers shared with Cybernews in a sample request verified to be WhatsApp users.

Leaked phone numbers could be used for any number of reasons, including marketing and phishing, highlighting the importance of a good ID theft protection tool.

This isn’t the first time that WhatsApp has hit the headlines for data security, and while it may not be alone, its history is one that has been plagued with vulnerabilities and scams.

TechRadar Pro has reached out to Meta to verify the authenticity of this seller’s claims and for further comment, which will be posted here if and when received. 

Via Cybernews