/pcq/media/agency_attachments/L8pkS8gpnodJThOdAfv1.jpg)
Follow Us/pcq/media/post_banners/wp-content/uploads/2019/07/gb-whatsapp-new.jpg)
Whatsapp has a serious design flaw in its system. Whatsapp is owned by Facebook and is the most used messaging service in India. The world’s most popular instant messaging service has a bug that has led to the leakage of users’ numbers on the internet. This bug was found by Athul Jayaram who is a cybersecurity expert. He found that the mobile numbers of many users are available at a simple Google search. He said in a blogpost “privacy issue in the WhatsApp web portal that leaked around 29000 – 300000 WhatsApp user’s mobile numbers in plain text accessible to any internet user.”
/pcq/media/post_attachments/wp-content/uploads/2019/11/whatsapp.jpg "whatsapp")
The numbers are from multiple different countries including India. He noted that the mobile numbers of these users are available online and not on the dark web which makes it even more troubling. The bug is a result of Whatsapp not adding a robots.txt file in the click to chat feature which lets the Google crawlers index the numbers of the users. The click to chat feature of Whatsapp generates links (https://wa.me/”) which are shareable on many platforms. The problem is that the link doesn’t encrypt the phone number of the sharer and doesn’t have any robot.txt command within it which lets the Google crawlers go through the link and index the phone number. Even if the link is deleted by the user it has no effect since Google has already crawled and indexed the phone number.
This has led to many users phone numbers being available on Google which could lead to their phone numbers being misused. In this era when we have everything from our bank accounts, aadhar, pan, and UPI services linked to our phone number this type of design flaw can prove fatal. We don’t know when this will be resolved by Whatsapp but for the time being all the numbers are available on Google.