Techlore Surveillance Report WhatsApp Leaked 3.5 BILLION Numbers
12 snips
Nov 20, 2025 This week dives into a massive WhatsApp flaw that exposed 3.5 billion numbers, raising serious privacy concerns. There's also a discussion about Google's new restrictions on sideloading, impacting Android freedom. The Digital Omnibus proposal from the EU could weaken GDPR protections significantly. Alarmingly, attempts are underway in Wisconsin and Michigan to ban VPNs based on dubious age verification claims. Plus, a recap of major data breaches and service updates keeps tech enthusiasts informed.
AI Snips
Chapters
Transcript
Episode notes
Massive Phone Number Enumeration
- WhatsApp's contact-discovery flaw allowed researchers to enumerate 3.5 billion phone numbers by exploiting weak rate limiting.
- Henry warns this is effectively the largest data exposure if abused, and researchers deleted their copy after responsibly disclosing it.
Rate Limiting Was The Single Point Of Failure
- The root cause of the WhatsApp exposure was weak or missing rate limiting on contact-discovery endpoints.
- Henry stresses even large companies with massive budgets can fail at basic mitigations like rate limiting.
Harden WhatsApp And Add A Second Messenger
- If you use WhatsApp, enable all available profile privacy settings to limit exposure.
- Henry recommends installing a second messenger like Signal to reduce reliance on WhatsApp.