Although WhatsApp is supposedly one of the most secure messaging applications thanks to the incorporation of end-to-end encryption, one user was surprised to find a flaw that allowed her to access the complete history of conversations of another person, and see if this situation could be repeated.
Abby Fuller, developer of Amazon, revealed that when entering WhatsApp with a new phone number the application loaded conversations of a previous user of that number, which the telephone company had previously assigned to someone else, a common practice in companies.
Fuller noted that the iPhone from which he registered was new, that the SIM had never been used before, that the conversations were not encrypted and that they were not restored from a backup in iCloud or Google Drive.
“I entered WhatsApp with a new phone number today and the message history of the owner of the previous number was there, which does not seem right,” Fuller wrote on Twitter.
“And now I wonder: how many more times has it happened? Whoever has my old number now has MY WhatsApp history?” He asked.
“Yes, it was a new device, no, it was not second-hand, it was not a SIM card used, yes, I’m sure it was not my messages, or groups I was added to. Yes, they were plain text. sure it’s my phone number, they were not restored from a backup, “the user explained.
This failure, if it happens again, would represent a serious inconvenience for users, given that anyone who receives a number that was already used could access old conversations, perhaps containing sensitive material.
It could even be used to spy on an active user’s conversations, by stealing or cloning their phone number from another device.
While WhatsApp did not issue any comments on the matter, experts indicate that it is best to activate the login in two steps to further protect privacy.
How to activate the login in two steps
To activate a higher level of security in WhatsApp, you must enter the Settings menu of the application, by clicking on the three points in the upper right corner.