Researchers tried plugging every possible phone number into WhatsApp's web app. They found they could collect 3.5 billion users' phone numbers, plus photos for half and profile text for almost a third, the biggest personal data exposure ever by some measures.
https://www.wired.com/story/a-simple-whatsapp-security-flaw-exposed-billions-phone-numbers/
Andy Greenberg
npub13v…jaerq
2025-11-18 14:09:32 UTC
Author Public Key
npub13vaws3s3ldlvdyvgmteneunsm25x97t0ys8rwe0h7rdkad7uvugs5jaerqSeen on
wss://relay.momostr.pinkPublished at
2025-11-18 14:09:32 UTCEvent JSON
{
"id": "08f9241e42efe620f6d5fca9c29023bf61be436b75c6a59a14452854db5abd01",
"pubkey": "8b3ae84611fb7ec69188daf33cf270daa862f96f240e3765f7f0db6eb7dc6711",
"created_at": 1763474972,
"kind": 1,
"tags": [
[
"proxy",
"https://infosec.exchange/@agreenberg/115571095812335315",
"web"
],
[
"proxy",
"https://infosec.exchange/users/agreenberg/statuses/115571095812335315",
"activitypub"
],
[
"L",
"pink.momostr"
],
[
"l",
"pink.momostr.activitypub:https://infosec.exchange/users/agreenberg/statuses/115571095812335315",
"pink.momostr"
],
[
"-"
]
],
"content": "Researchers tried plugging every possible phone number into WhatsApp's web app. They found they could collect 3.5 billion users' phone numbers, plus photos for half and profile text for almost a third, the biggest personal data exposure ever by some measures. \nhttps://www.wired.com/story/a-simple-whatsapp-security-flaw-exposed-billions-phone-numbers/",
"sig": "7909c0d02c5f3da4fcf64965265f8b4c6bce6a975fb6aa5778d4a36d4ecb0a7cc9cf4bd406e06a30de010b33e234282e62a9e1b99d9a293748c2f0d29da6213c"
}