WhatsApp data of 11.6 million Malaysians being sold online was recycled from old leak


The seller is charging a different price for each country – Mohd Fazli Azran, who had contacted the uploader, said the price for the Malaysian dataset is US$2,500 (RM11,200). — AFP

PETALING JAYA: An investigation by an NGO found that the data of more than 11.6 million Malaysian WhatsApp users being sold online was recycled from a much older Facebook data leak.

Yayasan Digital Malaysia (YDM), a non-profit that works to improve digital literacy, said that its research showed that the database came from a 2019 Facebook leak that has been trimmed down.

The database went up for sale on Nov 16, with the seller alleging that it contains the records of over 487 million WhatsApp users across 84 different countries.

“By cross-referencing the data from the hacker with the previous 2019 Facebook leaks, we found that the data is identical.

"This was further evident by the matching total number of entries in both databases – 11,675,894 in the Facebook database and 11,675,894 in the WhatsApp database," said Mohd Fazli Azran, YDM's head of digital innovation.

While the original data from the 2019 leak included details such as Facebook display names, phone numbers, gender, country and occupation, the version from this uploader only contains phone numbers.

The seller is charging a different price for each country – Mohd Fazli Azran, who had contacted the uploader, said the price for the Malaysian dataset is US$2,500 (RM11,200).

Meta, the company that owns WhatsApp, said in a statement to the South China Morning Post that it hasn't found any signs of a data leak in its WhatsApp platform.

It said that the findings made by Cybernews, which were the basis of most news reports, were “speculative” and based on “unsubstantiated screenshots”.

Meta was fined €265mil (RM1.22bil) for failing to prevent the 2019 Facebook data leak incident, from which the data for this latest incident originates.

This is not the first time this data has resurfaced – it was made available on hacker forums last year for free in its original form.

Meta responded to the alleged leak by telling Reuters that "the data is old and that the problem had been found and fixed in 2019".

The data was originally scraped via the Facebook search, Facebook Messenger Contact Importer, and Instagram Contact importer tools.

"We made changes to our systems during the time in question, including removing the ability to scrape our features in this way using phone numbers.

"Unauthorised data scraping is unacceptable and against our rules and we will continue working with our peers on this industry challenge.

“We are reviewing this decision carefully," the company said.

Follow us on our official WhatsApp channel for breaking news alerts and key updates!
   

Next In Tech News

Tesla increases wages for staff at German gigafactory by 4%
Apple explores push into smart glasses with ‘Atlas’ user study
Japan's Kioxia sees flash memory demand almost tripling by 2028
Hacker gets into woman’s email, changes every password, tries to make purchases
Foxconn says Oct revenue +8.59% y/y, Q4 outlook good
Want to help a friend find love? Give a PowerPoint presentation
Can an Apple�Watch get AFib patients off bloodthinners?
South Korea fines Meta about $15 million over collection of user data
Ehailing service Bolt says it’s launching in Malaysia soon, already licensed by Apad
French IT firm Atos agrees to sell Worldgrid unit to Alten

Others Also Read