Wednesday, January 26, 2022

Private WhatsApp Groups have been accessible through Google Search

Are you part of a private group on WhatsApp? Do you know everyone in the group? How did they all join in? Did anyone use the “Invite to Group via Link” feature? Well, do a double check of everyone in your group. Make sure you know all of them, because as it has now been revealed, data on Private WhatsApp groups has for a long while now been exposed to Search Engines including Google. And Facebook, the company that owns WhatsApp, has been in the know.

Apparently, Google and other Search Engines, have been indexing these invite links from WhatsApp leading to the potential exposure of very many private groups’ metadata. Do note that not all groups have been exposed. The Invite Link has to have been shared somewhere online for the indexing to work. And no, this isn’t Google’s fault. It is Facebook’s.

First reported by DW journalist, the design flaw allowed URLs to be indexed on Google. A simple search using the “SITE:” modifier on Google, with some keywords, would lead you to some interesting groups. You could then simply click on the link, and join the group. And that way you could have details, and numbers, of everyone in the group.

WhatsApp, in a statement to VICE, has said:

Group admins in WhatsApp groups are able to invite any WhatsApp user to join that group by sharing a link that they have generated. Like all content that is shared in searchable, public channels, invite links that are posted publicly on the internet can be found by other WhatsApp users. Links that users wish to share privately with people they know and trust should not be posted on a publicly accessible website.

Thousands of people private groups, and details can be accessed online, and the company is downplaying the issue. Remember, WhatsApp is one of the biggest platforms in the world. Millions of people use the platform for different things, some even for work and sensitive information.

This is something the company could have avoided by adding simple ‘tags’ to their links. A noindex request tag added to the links would tell Search Engines not to index these links.


Leave a Reply

Dickson Otieno
I love reading emails when bored. I am joking. But do send them to

More to read:

PayPal accused of stealing users’ money in frozen accounts

PayPal is facing a class action lawsuit accusing them of freezing users accounts without offering any explanations and unjust enrichment.

Telkom T-Kash App; Everything to Know

Telkom has recently launched the T-Kash App allowing customers to access all mobile money services from one app. Here are my thoughts

Netflix increases prices in US & Canada

Netflix has announced increased subscription fees in the United States and Canada in what appears to now be annual expected change.

Bolt now valued at €7.4 billion after €628 million investment round

Bolt says % it will use the funds to accelerate the expansion of their mobility and delivery products across Eastern African markets.

Samsung Kenya bets on Online Shopping in new partnership

Samsung has gotten into a partnership with BrandCart Limited to launch an online shop offering deliveries across Kenya

I&M Bank rolls out unsecured loans of up to KES 3 Million

I&M Bank customers will access a minimum of 50K up to a maximum of 3 million without providing any collateral or guarantor as security.