Accidental WhatsApp Account Takeovers? It’s A Thing

A stranger may be receiving your private WhatsApp messages, and also be able to send messages to all of your contacts – if you have changed your phone number and didn’t delete the WhatsApp account linked to it.

Your humble vulture heard this bizarre tale of inadvertent WhatsApp account hijacking from a reader, Eric, who told us this happened to his son, Ugo.

“This is a massive privacy violation,” Eric said. “My son had long-lasting access to that person’s private messages as well as group messages, both personal and work related.”

The security hole stems from wireless carriers’ practice of recycling former customers’ phone numbers and giving them to new customers.

WhatsApp acknowledges that this can happen, but says it’s extremely rare.

“We take many steps to prevent people receiving unwanted messages, including expiring accounts after a period of sustained inactivity,” a WhatsApp spokesperson told The Register. “If for some reason you no longer want to use WhatsApp tied to a particular phone number, then the best thing to do is transfer it to a new phone number or delete the account within the app.”

“In all cases, we strongly encourage people to use two-step verification for added security,” the spokesperson continued. “In the extremely rare circumstances where mobile operators quickly re-sell phone lines faster than usual, these additional layers help keep accounts safe.” 

It’s not a widespread problem, at least not yet, but a data privacy issue nonetheless, and a cautionary tale for users of

Read more

Explore the site

More from the blog

Latest News