WhatsApp said a security breach on its messaging app had signs of coming from a government using surveillance technology developed by a private company and may have targeted human rights groups.
WhatsApp, which is part of Facebook, said it had notified the US Department of Justice to help with an investigation, and encouraged all WhatsApp users to update to the latest version of the app, where the breach had been fixed.
One of the most popular messaging tools in the world, WhatsApp is used by 1.5 billion people monthly. It has touted its high level of security and privacy, with messages on its platform being encrypted end to end so that WhatsApp and third parties cannot read or listen to them.
The company said it was still investigating the breach but believed only a “select number of users were targeted through this vulnerability by an advanced cyber actor.”
But its advice to all users to update came “out of an abundance of caution” and a recommendation by Citizen Lab, a research group at the University of Toronto. It did not disclose how many users were affected.
A WhatsApp spokesman said the attack was sophisticated and had all the hallmarks of a “private company working with governments on surveillance.”