Irish data watchdog examining WhatsApp security flaw
Ireland’s data protection watchdog said on Tuesday that it was “actively engaging” with WhatsApp’s Irish division to determine if and to what extent the user data of European Union citizens had been impacted by its latest security flaw.
The Irish Data Protection Commission said it had been informed of “a serious security vulnerability on the WhatsApp platform.”
But because WhatsApp is still investigating whether any EU data was affected as a result of the flaw, the company has not notified the watchdog of the breach under the bloc’s stringent GDPR regulations.
The commission therefore has not yet launched a formal investigation into the vulnerability.
WhatsApp rolled out a security fix on Friday after the discovery that hackers could install surveillance software on phones using the app’s call function.
The spyware was developed by Israeli cybersecurity and intelligence company NSO Group, according to the Financial Times.
The Irish Data Protection Commission is considered to be Europe’s most important data watchdog, since the European headquarters of several social media giants, including WhatsApp owner Facebook, are based in the country.
“While the possibility remains that EU users were affected and in light of the understood severity of the incident, all WhatsApp users are urged to ensure that the latest version of the WhatsApp application is installed on their device, available via the Apple Store or Google Play Store,” the commission said in a statement.