A threat actor posted on a well-known hacking community forum claiming to have access to the 487 million WhatsApp users data including mobile numbers, advertising to sell it the latest database for 2022.
It is reported that the database that was put on sale included mobile numbers of WhatsApp users from 84 countries that included Russia, France, Saudi Arabia, United Kingdom and United States. The threat actor further elaborated the numbers saying the breach consists of a data set of over 32 million US based phone numbers, over 11 million of records from UK, 35 million of records from Italy and nearly 10 million records of Russian mobile numbers.
500 million WhatsApp users data: The Dataset
It was revealed that the threat actor was selling the United States records for $7,000 whereas the data set for United Kingdom was being sold for $2,500.

Cybernews did reach out to the threat actor asking for a sample data set to verify the data breach, they received the data set that included of 1097 numbers from United Kingdom and 817 numbers that belonged to United States users. They later verified that in fact the numbers provided in the sample were in fact, WhatsApp users.
The threat actor was questioned about how this data huge dataset was retrieved, how did they get access to such data. To this, the threat actor replied saying that they “used their own strategy” to get access to such data and also added that each of the number in this dataset did belong to “active” WhatsApp users.
The method that is used for retrieving such huge list of active WhatsApp numbers is still unknown to everyone, However, there have been speculations saying it could be because of scraping. Scraping is an automated method of retrieving human readable data, which goes against the WhatsApp’s Terms of Service.
Why people buy such data dumps?
With the increasing number of social engineering attacks that users are experiencing, the attackers are more interested in expanding their target areas. With the threat landscape evolving, the users are directly targeted after their digital presence is profiled clearly.

The increasing interest of buyers could be due to their malicious intentions towards targeting each of the 500 million WhatsApp users, threatening their digital security or on the other hand it could prove to be useful for marketing hacks. We can just talk about all of the possibilities we can think of for now.
Recently, Dropbox’s Github accounts were hacked which was entirely a social engineering attack that escalated to their code repositories getting in the hands of an attacker.
This is not the first time such data dump is put on sale which has caught a lot of people’s eyes and this certainly is not the last time it happened. This has clearly happened with most of the organizations online in the past and will continue to happen as data becomes more of a digital asset everyone battles to win.
Have anything to add? Share it in comments or contact us.