This post is also available in:
עברית (Hebrew)
Large-scale leaks involving phone numbers and messaging accounts are becoming an increasingly common cybersecurity problem. Even when encrypted messaging platforms protect the content of conversations, attackers can still target surrounding user data such as phone numbers, login credentials, and personal details. That information can then be used for phishing, fraud, account takeovers, or identity profiling campaigns.
A newly surfaced dataset posted on a cybercrime forum is drawing attention because of its scale. The threat actor behind the post claimed to possess more than 3 terabytes of data allegedly linked to WhatsApp users, including millions of phone numbers and account-related information. According to Cyber News, security researchers who reviewed parts of the exposed files confirmed that the dataset contains phone number lists categorized by geographic region.
Among the visible records were millions of phone numbers associated with users in multiple countries (including Israel and Russia). Researchers also identified references to files that may contain additional personally identifiable information, including names, email addresses, and home addresses. However, much of the dataset remains inaccessible because some of the archived files were password-protected, without the password being published.
The presence of login information inside portions of the leak suggests that at least some of the data may have been collected through phishing campaigns or infostealer malware rather than through a direct breach of WhatsApp’s internal infrastructure. Security researchers noted that social engineering attacks remain one of the most common methods for harvesting messaging credentials. Victims may be tricked into entering account details through fake login pages, malicious QR codes, or fraudulent support requests.
Researchers also pointed to previous academic work demonstrating that large-scale phone number harvesting from messaging ecosystems is technically possible even without compromising message encryption itself.
From a cybersecurity and defense perspective, datasets containing millions of verified phone numbers can become valuable tools for large-scale social engineering campaigns. Attackers can use them to launch smishing and vishing operations, impersonate trusted organizations, or build detailed identity profiles for future attacks.
While the authenticity and full scope of the leaked data remain unverified, the incident highlights how user metadata, not just message content, continues to represent a major attack surface in modern communications platforms.
Click Here For The Original Source.
