WhatsApp May Be Leaking Your Personal Data

WhatsApp is at the forefront of messaging apps these days. It does boast over a billion users after all.

Now with those billion users also come a billion different people to hack into.

Thankfully WhatsApp fixed that problem somewhat by adding end-to-end encryption to all conversations. This gave the users some semblance of privacy and security.

Spring a Leak?

However, certain scenarios can’t be ruled out. What if WhatsApp itself leaks valuable personal information, despite the encryption measures in place?

Turns out that the app did indeed leak your data in a previous version of WhatsApp (back in June). YouTube user Colin Hardy discovered the issue:

To simplify the issue for everyone, Whatsapp can potentially leak data, with the problem laying with web previews. This is when you type in a website in your WhatsApp conversation and a preview (snippet) shows up above your message as you type. Most users love that and it’s a useful feature as well.

How WhatsApp Leaks Your Data

As you’re typing, WhatsApp will send queries through your IP address directly to the website.

Lets say you’re typing in YouTube.com. WhatsApp will send a request directly through your IP address (the request is traceable) to the website in question (YouTube in this case).

Despite being end-to-end encrypted, WhatsApp will leak your IP address into the wild.

So if someone malicious seems to be watching your activity, they can directly trace your IP through WhatsApp’s query.

How Twitter Avoids This Problem

Normally requests are sent through the service’s own servers. Twitter, for example, sends website queries through its own server instead of directly using your IP address. The link itself is sent in the form of plain text to the server which then requests for a preview using its own IP instead of using yours.

Fortunately WhatsApp recently got updated so they may have fixed the issue. We’re currently testing to see if the problem still persists. Until then, it is prudent to not share links until WhatsApp officially clarifies its stance on this security issue.

A techie, Overwatch and Street Fighter enthusiast, and Sub Editor at ProPakistani.


  • M Waseem Akhtar

    Who cares about leaks when whatsapp can easily be hacked. You have to scan the code once and the victim is permanently busted leaking all chats and shared media.

    Don’t hand over your phone to anyone specially any hardcore android user. There are many apps available on android store that can be used to hack whatsapp.

    • Ali Hasan

      You can simply log out from browsers, option given in app… It’s your fault you give your mobile to others.

      • M Waseem Akhtar

        Everyone isn’t smart like you.

        • FuriousNinja

          It’s the number one rule actually that if you access services like these in a computer that is not yours then it is your responsibility to logout from those services as well. So no, only irresponsibility can get your privacy breached in browser based WhatsApp.

    • Shahid Saleem

      If you give your phone to someone else, you have violated first law of security: YOU GIVE OTHERS PHYSICAL ACCESS.

      Once other people have physical access, you lose. It does not matter what kind of phone or computer or software you have.

      So your described situation HAS NOTHING TO DO WITH WHATSAPP.

  • FuriousNinja

    This is not just about WhatsApp and it is not a shocker.

    All these social networking sites, they are doing the same. Ahm ahm *facebook*.

    • Muhammed Ovais Alam

      Don’t say anything about FB.
      People will not believe you because FB is saint.

      • FuriousNinja

        The thing is, we Pakistanis put so much personal info there. Like what are our hobbies, study details, job details and so much more. Every thing is filled in perfect details. Then they use status updates for each and everything they do. It is obvious that this kind of info is a gold mine for you-know-who for targeted campaigns.

        • Muhammed Ovais Alam

          Plus we gave FB our phone number too and access to our contacts too. Matlab k zindagi hi pori khol kr day di unhain.

  • Taimur

    Telegram is far more better than whatsapp, specially in terms of security and features, they even now have bots and other unique features which whatsapp should adopt with it’s security features, but they so lag behind in the updates, and most of the updates are just bug fixes..

    • Shahid Saleem

      Telegram security is a lie.

      Use Signal.
      Use Whatsapp.

      Don’t use anything else.

  • Muhammad Zain

    Everything can be hacked/leaked in this era, use basic phone if wanna stay safe

  • Nokia 3310 Is Safe !