WhatsApp users may need to take extra steps to protect their account information following a potentially concerning discovery. A study by researchers at the University of Vienna revealed the app’s contact-discovery system enabled the collection of extensive WhatsApp user data at an unprecedented scale due to insufficient rate-limiting across global endpoints.
The researchers were able to gather huge amounts of phone numbers, public profile photos, account status text, business tags, and information tied to end-to-end encryption keys.
Read more…
Source: TechRadar News
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- Equifax Says 145.5M Affected by Breach, Ex-CEO Testifies
October 3, 2017
Equifax, the credit agency behind this summer’s breach of 143 million Americans, said this week the number of victims implicated in the breach has increased. Paulino do Rego Barros, Jr., the company’s interim CEO, announced Monday that 2.5 million additional Americans were also impacted, bringing the grand total to 145.5 million affected individuals. Equifax initially called its investigation around ...
- Passwords For 540,000 Car Tracking Devices Leaked Online
September 22, 2017
Another day, another news about a data breach, though this is something disconcerting. Login credentials of more than half a million records belonging to vehicle tracking device company SVR Tracking have leaked online, potentially exposing the personal data and vehicle details of drivers and businesses using its service. Just two days ago, Viacom was found exposing the keys ...
- More data lost or stolen in first half of 2017 than the whole of last year
September 20, 2017
More data records have been lost or stolen during the first half of 2017 (1.9 billion) than all of 2016 (1.37 billion). Digital security company Gemalto’s Breach Level Index (PDF), published Wednesday, found that an average of 10.4 million records are lost or stolen every day. During the first half of 2017 there were 918 reported data ...
- Equifax hack: Britons among 143 million people to have their details compromised
September 8, 2017
Credit agency Equifax has admitted that data from 143 million customers may have been compromised in a security breach earlier this year. US, UK and Canadian residents are among those to have their details accessed through a website application vulnerability. The attack was discovered to have run from mid-May until 29 July, but the US company has ...
- Yet another AWS config fumble: Time Warner Cable exposes 4 million subscriber records
September 5, 2017
Records of roughly four million Time Warner Cable customers in the US were exposed to the public internet after a contractor failed to properly secure an Amazon cloud database. Researchers with security company Kromtech said freelancers who handled web applications for TWC and other companies had left one of its AWS S3 storage bins containing seven ...
- Military Contractor’s Vendor Leaks Resumes in Misconfigured AWS S3
September 5, 2017
Thousands of resumes and job applications containing the personal information of U.S. veterans, many with top secret clearances, and law enforcement officers were left exposed in an Amazon Web Services S3 bucket, continuing a trend where poorly configured cloud-storage services are putting people at risk. The applicants were seeking employment with a private military contractor from ...

