A serious WhatsApp security issue could make your account susceptible to takeover by someone else. WhatsApp has become the leading messaging app worldwide, with billions of users. It has replaced the use of mundane SMS and multimedia messages for sending images. Although your WhatsApp messages are secured by end-to-end encryption, an old WhatsApp security issue, which hasn’t been patched yet, could result in your account being taken over by someone else.
Unlike other messaging apps like Facebook Messenger, WhatsApp does not require a user ID and a password to login. Instead, it is tied to your phone number. This is where the problem arises. When you switch to a new phone number, your old one gets disconnected and is reissued to someone else. However, if you still haven’t switched your WhatsApp account to your new number, your WhatsApp account could be left for takeover by the person who gets your old number.
That means all of your messages and media will be received by someone you don’t know, leaving your data exposed. What’s shocking is this issue has been around for years yet there has been no fix from WhatsApp as of now. One such incident occurred with Vice cybersecurity reporter Joseph Cox back in 2020. He signed up to a new phone number and accidentally took over someone’s WhatsApp account as it was still tied up to the same number.
Protect your WhatsApp account
Worrying about someone who could potentially hijack your WhatsApp account if you ever switch to a new number? There’s a fix for this. One of the ways is to simply switch your WhatsApp account to a new number whenever you change your phone. Another is to sign up with 2FA (Two-Factor Authentication) which requires a separate 6-digit PIN to login.
How to enable Two-factor Authentication on WhatsApp
Open WhatsApp and tap on Settings.
Tap Account, Two-step verification and then tap Enable.
Enter a six-digit PIN of your choice and confirm it.
Provide an email address you can access or tap Skip if you don’t want to add an email address. WhatsApp recommends adding an email address as this allows you to reset two-step verification and helps safeguard your account.
Tap Next. Confirm the email address and tap Save or Done.