As Whatsapp continues to make amends with its user base regarding its changes and updates in the WhatsApp privacy policies, another user data violation incident has been reported against the company. The Whatsapp Web application has come under fire that has allegedly resulted in WhatsApp leak private mobile numbers via indexing on Google.
For the unaware, the Whatsapp mobile application has its own version of a web application called the Whatsapp Web. The web application basically lets you access the mobile app on your desktop or laptop.
Screenshots of the issue, showing the indexing of private numbers of individuals were brought forward by cybersecurity researchers. “The WhatsApp data leak is happening via Whatsapp Web application. If someone is using this app on a laptop or on an office PC, the mobile numbers are being indexed on Google Search. These are mobile numbers of individual users not business numbers” comment the researchers.
WhatsApp, taking notice of the matter, had asked Google to not index such Whatsapp chats and curb the exposure of private group chat links on the internet. Whatsapp also advises users to not share private links on public websites.
Google indexing private group chat links means that anyone has the ability to join multiple group chats with a simple Google search. Google has since removed these indexed links and seems to have avoided any major data breach concerning private individuals.
Also read,
Whatsapp claims that they had included the “noindex” tag on all deep link pages since March 2020. According to Google, these links will be removed and excluded from indexing.
“We have given our feedback to Google to not index these chats. Links that users wish to share privately with people they know and trust should not be posted on a publicly accessible website,” a Whatsapp company spokesperson said.
The WhatsApp leak chat first arose back in February 2020 when Jane Wong, a reverse engineer at Whatsapp, discovered that Google had more than 450,000 results for a simple search of “chat.whatsapp.com”, part of the URL that makes up invites to WhatsApp groups.
The incident so far has been addressed by neither Google nor Facebook, who owns the app.
It surely is unfortunate that the revelation comes at a time when WhatsApp privacy policy is changing and users will have to “agree and accept” if they plan to keep using the app post-February 8.
This Whatsapp leak incident, of course, sheds light on the severe matter that even major companies and large corporations sometimes tend to overlook small glitches and loopholes in their own systems. Even a small miscalculation can lead to intense data and cybersecurity hazards. One can never be too secure when it comes to dealing with cyber-attacks and vulnerabilities.
