According to a report, the mobile numbers of nearly 500 million WhatsApp users were sold online in what is being called one of the largest data breaches.
According to the report, a threat actor advertised on a well-known hacking community forum that they were selling a 2022 database of 487 million WhatsApp user mobile numbers.
According to the report, the database contained mobile phone numbers of WhatsApp users from 84 different countries, including Italy, the United Kingdom, the United States, Russia, France, and Saudi Arabia.
According to the threat actor, the data set contains more than 32 million US user records, 35 million Italian records, over 11 million UK records, and nearly 10 million Russian user records.
The actor stated that the dataset for the United States was $7,000 and the dataset for the United Kingdom was $2,500.
According to the report, attackers primarily use the information for smishing and vishing attacks, and WhatsApp users should be wary of calls and messages from unknown numbers.
According to the report, the information on WhatsApp users “could be obtained by harvesting information at scale, also known as scraping,” which violates the messaging platform’s terms of service.
It further points out that the seller’s claim is purely speculative. “However, quite often, massive data dumps posted online turn out to be obtained by scraping,” the report said.