A database of 487 million WhatsApp users’ mobile numbers has been put up for sale on a hacking community forum. The data set contains WhatsApp user data from more than 84 countries, the post shows. The story was first reported by Cybernews.
The seller of the leaked data is also offering it through the controversial messaging app Telegram, where the person or the group goes by handle “Palm Yunn.” On the hacking community forum, the user is listed as “Agency123456.” The seller claims the database is from 2022.
Meta-owned WhatsApp has more than two billionactive users globally and is one of the most popular mobile messaging apps. If all the records are accurate, this data leak could impact nearly a fourth of all WhatsApp users.
Meta did not respond to email seeking comments on the leak.
WhatsApp data could lead to incidents of fraud
The attackers can use leaked information for social engineering, agreed Anand Prakash, founder of PingSafe and a bug bounty hunter. However, Prakash pointed out that the leaked data itself contains no sensitive information.
“I don't think it is a very critical leak, where someone can read the messages or log in remotely on WhatsApp. The leak only discloses if a number is active on WhatsApp or not,” he said.
Prakash suspects that the leak could have been the result of some vulnerability being exploited or a third party that might have leaked the data. However, the actual source of the leak could not be ascertained. Cybernews has provided a link where users can check if their number is a part of the leaked database or not.
Records of 32 million US users available for $7,000
On the hacking community forum, the seller claims the database has 32 million records belonging to US WhatsApp users. In a conversation with Cybernews, the seller said they are willing to sell the US records to anyone who’s willing to shell out $7,000.
The overall database also has records of 45 million users from Egypt, 34 million from Italy, 29 million from Saudi Arabia, 20 million from France, 10 million from Russia, 11 million from the UK, and 6 million users from India, the seller claimed.
An advertisement was posted on the hacking forum on November 16 by the threat actors announcing the sale of the data.
A sample data set of 1,097 UK and 817 US users’ numbers were sent to Cybernews by the seller and the publication researchers confirmed the data was legitimate. While the US data set is being sold at $7,000, that of UK is being sold at $2,500 and Germany at $2,000, according to the report.
Social media users have been the target for hackers for a while now. Vulnerabilities on such platforms could impact millions or even billions of users worldwide.
For instance, in October, about 1.5 billion Facebook users’ data was put up for sale on the dark web. The attackers had claimed the database contained names, email addresses, phone numbers, locations, gender, and IDs of the users. However, within days of being posted the offer disappeared from the forum. Similarly, in the same month, 500 million LinkedIn profiles were also put up for sale on a hacker forum.
The sellers had also posted 2 million records leaked as a sample to prove the authenticity of the data. The leaked data included the full names of the users, email addresses, phone numbers, and workplace information.