WhatsApp Vulnerability Exposed Data of 3.5 Billion Users, Researchers Say No Malicious Abuse Detected

New Delhi: A newly published study by researchers at the University of Vienna has revealed that a major security flaw in WhatsApp left the personal data of nearly 3.5 billion users exposed through the platform’s contact discovery feature.

According to the research team, the vulnerability allowed them to rapidly test and verify phone numbers at scale, making it possible to identify active WhatsApp accounts around the world. Using an automated system, they generated over 100 million queries per hour and eventually collected information linked to users across 245 countries.

The exposed data included details already visible to anyone who has a user’s phone number—such as public keys, profile photos, “about” texts, and activity timestamps. However, the researchers found that even this limited information could be used to infer additional insights, including users’ operating systems, account age, and the number of linked devices.

What adds to the concern is that a similar warning had been raised as far back as 2017, when a security researcher flagged the absence of rate limits on phone-number lookups—an issue that made mass scraping possible. Despite this, the vulnerability remained unaddressed until the Vienna team demonstrated its scale and ease of exploitation.

Within the first 30 minutes of testing, the researchers were able to extract 30 million U.S. phone numbers, and their data collection continued without any pushback from WhatsApp’s servers.

Meta, WhatsApp’s parent company, acknowledged the findings in a statement to 9to5Mac. The company said it appreciated the researchers’ contribution and credited them for identifying a novel enumeration method that bypassed existing protections. Meta added that it had already been developing advanced anti-scraping measures, and the study helped validate their effectiveness.

The company also confirmed that the researchers securely deleted the collected data and that there is no evidence to suggest the vulnerability had been maliciously exploited.

 

With inputs from IANS
