As reported by TechAdvisor, WhatsApp says it has fixed an issue that meant some users’ phone numbers were showing up unintended in Google search results. Researcher Athul Jayaram posted about the flaw on 7 June, saying “his privacy issue in the WhatsApp web portal that leaked around 29000–300000 WhatsApp user’s mobile numbers in plaintext accessible to any internet user”.
This was down to the behaviour of WhatsApp’s Click to Chat feature where users can start conversations with people using a phone number but without saving the phone number in their contacts. It creates a link via which you can open a new chat. Jayaram found that it was possible to expose phone numbers from Click to Chat by running a search for “site:wa.me”.
The opinions expressed in this post belongs to the individual contributors and do not necessarily reflect the views of Information Security Buzz.