Whatsapp is one of the most commonly used communication apps. But, its biggest strength of being a simple phone number based communication might also be its major privacy weakness.
A team of researchers at the University of Vienna explained that they were able to build a massive database containing phone numbers linked to all 3.5 billion WhatsApp accounts. Their findings were shocking and showed just how much publicly visible information could be pulled at a major scale.
The process mimicked everyday WhatsApp behavior. When you add a number, WhatsApp checks if it’s linked to an account and then displays the user’s profile picture and text. The researchers simply automated this process using WhatsApp Web. Their automated system was powerful enough to test almost 100 million phone numbers per hour, making it possible to map the entire user base in a relatively short time.
The surprising part is that Meta was warned about this exact vulnerability back in 2017 and yet no strict protections were introduced for years. It wasn’t until the researchers disclosed their new findings in April 2025 that Meta stepped up.
Meta’s Response
Meta responded to this by introducing rate-limiting measures and anti-scraping protections. The company also credited the researchers and stated that no non-public information was at risk. Still, this could be a big issue and a concern for millions of users, since WhatsApp is their primary communication app.
Comments
Post a Comment