A threat actor has allegedly leaked millions of WhatsApp user records for free on a popular hacker forum, raising fresh fears over account takeovers and identity theft. According to researchers at Cybernews, the massive dump reportedly contains more than 3TB of data, including phone numbers and login information tied to WhatsApp accounts.
Researchers investigating the breach discovered files containing phone numbers sorted by geographic location. The exposed data allegedly includes around 10 million Russian phone numbers and another 4 million linked to Israeli users. Some sample files also reportedly contained full names, email addresses, and even home addresses, increasing the risk of phishing attacks, fraud, and identity theft.
Even more alarming, portions of the leaked files allegedly include WhatsApp login credentials, which could allow cybercriminals to hijack accounts through credential stuffing or targeted attacks. However, much of the dataset remains locked behind password-protected archives after the hacker reportedly failed to include the password needed to access the files.
In a strange twist, the hacker behind the leak claimed they are walking away from cybercrime entirely. In a farewell message posted online, the threat actor said they were shifting focus toward their “personal life and true priorities” after years of activity on underground forums.
Security experts warn WhatsApp users to act immediately. Anyone using the same password across multiple platforms should change their credentials as soon as possible, enable two-factor authentication, and monitor accounts for suspicious activity. Users may also want to consider enrolling in identity or credit monitoring services to help detect fraud linked to leaked personal information.