Google has indexed the phone numbers sent by WhatsApp. - Andy Wong / AP / SIPA
Phone numbers from WhatsApp have been available on Google in recent days. The search engine was able to index numbers linked to the application, as discovered by Athul Jayaram, an Indian researcher specializing in the detection of security breaches. He reported onMedium.comon June 6.
300,000 phone numbers were affected by this problem that appeared when WhatsApp launched a new feature. This allows you to share your contact card with a simple QR code, specifies Phonandroid . This code sends the recipient to an address constructed from the url "http://wa.me". It is this address, unencrypted, that the search engine indexed and which revealed the coordinates in plain text, explains the researcher.
Possible to filter only French numbers
Before WhatsApp corrected the problem, it was possible to get phone numbers by typing "site: http://wa.me" in Google. "By adding the country code (+33 for France), it was even possible to filter only French numbers" specifies Phonandroid , who did the test. If it was negative with the address "http://wa.me", it was positive by typing "site: api.whatsapp.com". But this last address is no longer indexed by Google.
No reward for the researcher
Even though personal data has leaked, WhatsApp did not consider it to be a critical security breach. This means that the researcher will not receive any reward. "While we appreciate this researcher's report and the time it took to share it with us, it was not eligible for a reward as it was just a search engine URL index that users of WhatsApp had chosen to make it public, ”said the company in its press release, relayed by Futura Sciences . Even if the problem seems to be resolved, it is recommended that users do not use the new contact sharing function in WhatsApp at this time.
Coronavirus: Google Maps will be able to modify your routes according to the crowds
No, the StopCovid app has not been added to your smartphone without your knowledge
- Personal data