whatsapp on phone screen

WhatsApp Hack Leaks 500 Million Numbers

In a recent hack, around 500 million WhatsApp users’ data has been compromised.

Although the platform uses end-to-end encryption, it appears that a hacker (or group of hackers) has used a highly sophisticated method to extract user information, including names and telephone numbers.  

WhatsApp has more than 2 billion users worldwide, meaning this leak has exposed approximately one-quarter of their entire customer base with 11 million users in the UK affected.  

Posting anonymously in a known hacker’s forum, it appears that the UK data list is up for sale for around $2,500. 

whatsapp logo

What This Means for You 

With a quarter of WhatsApp’s users affected, it’s likely that your data has made it onto the list.  

There are several possibilities as to how the data will be used.

Often, when a leak happens, the data will be sold and used in phishing scams. With the recent increase in seasonal/delivery phishing scams, this is the perfect opportunity for scammers to place a bid on data. 

In addition to phishing scams, the data could be used to steal identities.  

Living in a digital world means our identity and online accounts are often tied to our mobile number(s). Including our social media accounts and bank accounts. 

Although a hacker can’t steal your identity with just your phone number, if they have other details from another breach, such as your name, email address and home address, they have a greater ability to do more damage. 

How You Can Protect Yourself 

Unfortunately, if your data is on the list of accounts breached, there’s no way to remove it. However, there are some steps you can take to protect yourself.  

1. Change Your Passwords 

If your mobile number is linked to any of your online accounts, we recommend that you change your password immediately. This includes the Microsoft 365 account you use for work.  

Related: How to choose a secure password

Passwords should be random and hard to guess. Therefore, you should avoid using easily guessable information, such as your name, DOB or pet’s name.

Related: The weakest passwords of all time

2. Enable 2-Factor Authentication 

Once you’ve changed your password, we would also recommend enabling 2-Factor Authentication on your online accounts (if you haven’t already).  

2-Factor Authentication provides an extra layer of security to your accounts as it requires you to enter your username, password and a code sent to you via SMS, telephone call or email.  

If a hacker tries to gain access to an online account with 2-FA enabled, they will be unable to get any further than the login screen without having your unlocked mobile phone in their possession.  

Learn more about 2-Factor Authentication 

3. Be Vigilant of Phishing Scams 

With the lead-up to Christmas underway, we have already seen an increase in seasonal delivery phishing scams.

It’s likely that the data from WhatsApp’s breach will be used in phishing attempts. Therefore, it’s important that you know how to spot a phishing scam.

Certain phishing scams are seasonally themed, for example, there is often an increase in phishing scams around Christmas time.

Your Cybersecurity with Systemagic 

As an ESET Gold Partner with Cyber Essentials and Cyber Essentials Plus certifications, we take cybersecurity seriously.  

Our cybersecurity services cover everything your business needs to remain safe online, including:

  • Web protection
  • Antivirus implementation
  • Microsoft protection
  • Backups
  • Restores
  • Cybersecurity awareness training 

If you’d like to talk to one of our friendly experts about business cybersecurity solutions, don’t hesitate to get in touch

Back to our blog

Are you a looking for IT Support for your business?

Get in touch via our Contact form or call us on 01225 426 800