A database seller allegedly listed a database with 487 million WhatsApp numbers from 98 countries all over the world on a well-known hacking community forum. The seller also claimed that the database contained around 11 million WhatsApp numbers that originated from Malaysia.
The leak was first highlighted by Cybernews, where the seller was reported to have posted an advertisement on 16 November on the sale of the 2022 database from WhatsApp. Apparently, there was another listing from the same seller that was dated 25 November.
Besides Malaysia, those countries with the highest number of hacked accounts include Egypt with 44,823,547, Italy with 35,677,323, and the USA with 32,315,282. Malaysia ranked the 12th highest.
This leaked information exposes Malaysians to phishing attacks, marketing purposes, impersonation, and the risk of fraud.
While the seller did not specify how they obtained the database but it is believed that they were obtained by scraping.
This particular technique is against WhatsApp’s Terms of Service as it generally involved sweeping data that is already out in the open and doesn’t usually come from an actual data breach.
Tech giants should take precautions
“In this age, we all leave a sizeable digital footprint — and tech giants like Meta should take all precautions and means to safeguard that data… We should ask whether an added clause of ‘scraping or platform abuse is not permitted in the Terms and Conditions’ is enough.”
“Threat actors don’t care about those terms, so companies should take rigorous steps to mitigate threats and prevent platform abuse from a technical standpoint,” Head of Cybernews research team Mantas Sasnauskas said.
Meanwhile, WhatsApp’s parent company, Meta has not responded to the matter.
As for now, it is advised that you should remain sceptical of any calls from unknown numbers, unsolicited calls, and messages. Also, please be reminded not to click or open any suspicious links.