Despite Facebook’s claims that WhatsApp’s security is in a much better place than it was during the same time last year, the company faced another rather embarrassing privacy breach. On Sunday, invite links to private WhatsApp messaging groups as well as some user profiles were indexed by Google. As a result, the information started appearing in Google search results meaning anyone was able to join supposedly secure chats and see both chats and related phone numbers.
Your @WhatsApp groups may not be as secure as you think they are. WhatsApp Group Chat Invite Links, User Profiles Made Public Again on @Google Again.
Story – https://t.co/GK2KrCtm8J#Infosec #Privacy #Whatsapp #infosecurity #CyberSecurity #GDPR #DataSecurity #dataprotection pic.twitter.com/7PvLYuM9xD
— Rajshekhar Rajaharia (@rajaharia) January 10, 2021
The issue was promptly addressed by WhatsApp and the links are not available on Google anymore. We saw a similar WhatsApp privacy breach in early 2020. However, this time, according to the company, the users were at fault for this privacy breach. Facebook insists that the app’s security has been greatly improved since last year’s leak.
In the statement, the company said,
Since March 2020, WhatsApp has included the ‘no index’ tag on all deep link pages, which, according to Google, will exclude them from indexing. Like all content that is shared in searchable public channels, invite links that are posted publicly on the internet can be found by other WhatsApp users. Links that users wish to share privately with people they know and trust should not be posted on a publicly accessible website.
The incident comes five days after WhatsApp announced its new controversial policy that asks users to share private data with Facebook. Users who decline the new terms and conditions will not be able to avail any of the services the platform offers.