This week, we discovered that a vulnerability had been exploited and was used as part of the well-publicised WhatsApp security breach.
Arguably, news of this latest data breach couldn’t have come at a worse time for the owners of the messaging platform, Facebook, who remain embroiled in data and privacy issues that have arisen in the last few years. WhatsApp’s end-to-end encryption that was enacted recently has perhaps made us all feel a little more secure when using the messaging service, but this week’s hack has been cause for alarm.
The vulnerability is said to have been resolved, but with unknown numbers of people affected, should we be worried?
About the WhatsApp security breach
It’s understood that this week’s WhatsApp security breach was a targeted effort against specific individuals or groups. It’s widely believed that an unnamed UK human right lawyers was a target, as were human rights groups.
It has also been suggested that the attack was potentially state-sponsored, and that a, “select number of users were targeted through this vulnerability by an advanced cyber actor”.
This could lead the ‘average Joe’ to breathe a sigh of relief in knowing they were likely not the target. But that doesn’t mean that everyone is safe…
How did the breach happen?
Investigations remain ongoing, but with end-to-end encryption in place, the incident appears to have happened through the use of spyware. Before messages are sent and encrypted, and after they are received and decrypted, they could be vulnerable to spyware.
The bug has been rectified, and people are being urged to make sure their app is up-to-date to keep themselves safe and secure.
Should we be worried about the WhatsApp security breach?
The WhatsApp security breach is perhaps another reminder that even the biggest and well-financed platforms can always be vulnerable to an attack.
Keeping ourselves as secure as we can is important, and incidents like this are a stark reminder as to why. Ensuring we have strong passwords, two-factor authentication where possible, and keeping our software up-to-date can be the difference between falling victim to an attack, and staying safe in today’s digital era.
The incident does raise questions about how much we can trust the apps that we use, though. With many apps potentially vulnerable and leaking or sharing data – often without people even realising it – there’s always cause for concern when a hack of this scale and nature takes place.