A few days back, we reported about a vulnerability in Facebook that made the phone numbers of users public. According to the report, around 300,000 phone numbers of people were exposed. There is a good news-the issue is fixed now. The issue was found in Click to Chat feature which streamlines conversations. This feature creates a wa.me/ URL that users can share with their friends and customers to start any chat or join a group. Click to Chat feature flaw exposed the personal numbers of many users.
WhatsApp Click to Chat Feature Flaw Fixed
It seems like the messaging app forgot to ask google and other search engines not to index these links. It is the reason why the phone numbers of users were exposed in “site:wa.me” search. After the report has surfaced on social media, the company has de-index the webpages. The phone number will remain part of the URL; however, they will not be indexed.
When the researcher reported this issue, the company said that it was already aware of it and was working on it since February. While telling the notice, WhatsApp said:
“While we appreciate this researcher’s report and value the time that he took to share it with us, it did not qualify for a bounty since it merely contained a search engine index of URLs that WhatsApp users chose to make public. All WhatsApp users, including businesses, can block unwanted messages with the tap of a button.”
Whatever WhatsApp says now the question is if it already knew about this flaw why it was waiting to fix it up after a researcher found it? It seems like WhatsApp made a good story.