Nothing is immune when it comes to the web. Once it's online, there is always a chance that it can be hacked, and/or data can be stolen.
And this is what exactly happened to WhatsApp, the instant messaging giant owned by Meta.
According to reports, some 487 million WhatsApp mobile numbers have been supposedly compromised and sold on a popular hacking forum, potentially exposing those many people to a vast swath of possible fraudulent attacks.
The threat actor claimed that the phone numbers belonged to active WhatsApp users in 84 countries, with over 32 million accounting for U.S. users, 11 million for UK users.
Other big numbers include phone numbers belongs to the citizens of Egypt (45 million), Italy (35 million), Saudi Arabia (29 million), France (20 million), and Turkey (20 million).

Upon being requested, the threat actor shared a sample of data with researchers at Cybernews, who then investigated all the numbers included in the sample.
The researchers then confirmed that all of them are, in fact, WhatsApp users.
The exact sample the researchers were given, contained 1097 UK and 817 U.S. mobile numbers.
While the seller did not reveal their process for obtaining the database and simply said they “used their strategy” to collect the data, it's speculated that the data might have been put together using "scraping," which is a method of collecting information from various online sources.
This speculation was made because massive data dumps were frequently made from scraped data.
At this time, WhatsApp has around 2 billion daily users, and at the same time, the internet's population is around 5 billion.
What this means, it won't be surprising to see a list of phone numbers are directly linked to WhatsApp accounts.
So here, the leak shouldn't be taken lightly.
"In this age, we all leave a sizeable digital footprint – and tech giants like Meta should take all precautions and means to safeguard that data," said the head of Cybernews research team Mantas Sasnauskas.
"We should ask whether an added clause of ‘scraping or platform abuse is not permitted in the Terms and Conditions is enough. Threat actors don’t care about those terms, so companies should take rigorous steps to mitigate threats and prevent platform abuse from a technical standpoint."

In the hacking forum, the phone numbers of the victims were sold at varying prices, depending on the country of origin.
For example, the U.S. dataset is sold for $7,000, the UK for $2,500, and Germany for $2,000.
The leak may directly harm WhatsApp users whose data has been leaked, because the dataset can be sold to threat actors who wish to use the information to conduct malicious attacks such as smishing (fake SMS meant to obtain sensitive data) and vishing (fraudulent phone calls).
Impersonation and fraud are also common worries associated with mobile number leakage.
For this reason, WhatsApp users should remain wary of any unsolicited calls and messages from unknown numbers.
It's worth noting that as soon as the news became viral, the listing was deleted from the hacker forum, and another listing was published in which another threat actor is claiming to sell details of WhatsApp users.
It's also worth mentioning that Indonesia is one of the countries with the largest number of WhatsApp users. From its 90 million people who use WhatsApp, it's the last on the list with only 130,000 numbers leaked.














































































































































































































































































































































































