A threat actor just posted an ad on a hacking community forum, claiming they were selling a 2022 database of 487 million WhatsApp user mobile numbers. The dataset allegedly contains WhatsApp user data from 84 countries and the threat actor claims there are over 32 million US user records included.
Another huge chunk of phone numbers belongs to the citizens of Egypt (45 million), Italy (35 million), Saudi Arabia (29 million), France (20 million), and Turkey (20 million).
The seller did not specify how they obtained the database, suggesting they “used their strategy” to collect the data, and assured that the numbers in the instance belong to active WhatsApp users.
Cybernews reached out to WhatsApp’s parent company, Meta Platforms, but received no immediate response.
The information on WhatsApp users could be obtained by harvesting information at scale, also known as scraping, which violates WhatsApp’s Terms of Service.
This claim is purely speculative. However, quite often, massive data dumps posted online turn out to be obtained by scraping.
ALSO READ: HOW TO KEEP YOUR ONLINE PERSONAL DATA THEFT-FREE WHILE USING A PUBLIC INTERNET CONNECTION