After generating a raft of worrying headlines, WhatsApp has applied a fix for an awkward data security issue where user numbers were “leaking” online.
WhatsApp had denied the issue was really an issue at all, saying it was all working as planned, but then surprisingly moved to fix it anyway. A Google search returning thousands of numbers didn’t make for good optics, so, it was an issue after all.
The WhatsApp company claims that it has fixed a security issue in the app that caused users’ phone numbers to appear on Google search results.
Atol J. Ram, an internet security researcher, said users were complaining that phone numbers used for the click-to-chat feature were appearing in Google searches, according to technology website TechCrunch.
J. Ram said that click-to-chat creates a link in which users’ phone numbers appear in plain text. However, if there is no robot.txt file in the server root for these links, it will be indexed by Google or other search engines. They get shows.
He said that he saw 300,000 phone numbers in Google search results which can be searched as ‘site: wa.me’.
WhatsApp provides instructions on how to create your own link and even to do so with a pre-filled message. Jayaram suggests that these numbers provide an opportunity for scammers or hackers to target those users, either on WhatsApp or by reverse searching their profile images to link those phone numbers to other social media sites using the same profile pictures. Back in 2018, Facebook ended its search by phone number tool for reasons of privacy and security.
According to the report, this is not the first time the issue has been reported. Earlier in February, WaBetaInfo had also pointed it out.
However, a spokesman for WhatsApp said on the new security issue that the Click to Chat feature was designed to help users, especially small and micro businesses, stay in touch with their users.
In 2018, Facebook stopped users from finding people with the help of phone numbers.