Check Point Research recently published an advisory detailing an incident in which a threat actor posting on a dark web forum claimed to have stolen the personal information of roughly 500 million WhatsApp users. The advisory analyzes the files that the threat actor claims to have stolen. Check Point confirmed that the leak includes over 360 million phone numbers from 108 countries. However, the security firm was not able to confirm that the leaked numbers belonged to WhatsApp users specifically. Roughly 35 million of the numbers in the files belonged to individuals in Italy, Check Point says.
The information in the files did not expose the content of any messages, however, Check Point stated that it’s concerning to see a large volume of phone numbers for sale on the dark web. The information could be used to conduct phishing attacks in the future. Another security firm claimed that the leaked database is actually a repeat of a Facebook breach that occurred in 2019 via a series of Tweets posted earlier this week. It is unclear whether the data is actually a breach of WhatsApp or if it originates from a previous breach.