WhatsApp fixes issue that showed phone numbers in Google searches
WhatsApp says it has fixed an issue that meant some users’ phone numbers were showing up unintended in Google search results. ResearcherAthul Jayaramposted about the flaw on 7 June, saying “his privacy issue in the WhatsApp web portal that leaked around 29000–300000 WhatsApp user’s mobile numbers in plaintext accessible to any internet user”.
This was down to the behaviour of WhatsApp’s Click to Chat feature where users can start conversations with people using a phone number but without saving the phone number in their contacts. It creates a link via which you can open a new chat.
Jayaram found that it was possible to expose phone numbers from Click to Chat by running a search for “site:wa.me”.
In a statement toTechCrunch, a WhatsApp spokesperson said:
“While we appreciate this researcher’s report and value the time that he took to share it with us, it did not qualify for a bounty since it merely contained a search engine index of URLs that WhatsApp users chose to make public. All WhatsApp users, including businesses, can block unwanted messages with the tap of a button.”
The spokesperson went on to say that WhatsApp made a change that stopped web crawlers from indexing the link data, stopping the flaw. The issue arose from the fact people using Click to Chat were unaware that the process made the phone numbers public, which WhatsApp had not made clear enough in the set up process.
Author: Henry Burrell, Contributor
Previously Tech Advisor’s Phones Editor, Henry covers and reviews every smartphone worth knowing about. He spends a lot of time moving between different handsets and shouting at WhatsApp to support multiple devices at once.
