Today, in a work-related panic to troubleshoot a technical problem with a colleague stuck overseas with only data-service, I broke my own rule to never install a phone app without researching it exhaustively. He needed help, and only had WhatsApp with which to send/receive text messages, so I just installed the app to get the job done, and put out the fire.
Two hours later, I checked in on Facebook, and something caught my eye. It was a suggested friend. That’s pretty common, but what got my attention was that a) we had no friends in common, and b) he was someone I only know professionally. I confirmed from the profile that it was in fact that customer, and not someone who just happened to have the same name. It spooked me a little, like maybe he was stalking me, or something.
After lunch, I checked in again, and saw two more suggested friends with whom I have no social connections, but who I know professionally. Now I was starting to worry about hackers, so I paid attention. The only risky thing I’ve done recently was install an un-vetted app, so I started with WhatsApp. I found this article, and confirmed that, in fact, after Facebook bought WhatsApp, they changed terms, giving themselves the right to upload your entire contact list to their servers!
So it seems that Facebook got hold of my extremely large and professionally sensitive contact database, scanned it for email addresses, and started suggesting connections to those contacts who used the same email for Facebook as they had given me. Due to a momentary lapse in judgement, I have handed over over a database of over 1000 people, with massive amounts of detailed personal information on many of them, and rather sensitive professional data on not a few. The bastards have my father’s social security number and bank account numbers! (If he weren’t two years gone, I’d be having a panic attack right now…)
I apologize to all my friends and colleagues whose home addresses, personal phone numbers, and emails are now in the hands of Facebook’s marketers or worse. I was a fool, and I hope none of you will pay the price for that foolishness!
Please learn from my example. Keep far away from this app (and Facebook’s app, which I just learned has this same condition of use!), and ALWAYS DO YOUR RESEARCH!
I am furious right now…
So how does one get rid of this app if they downloaded it????
I uninstalled it almost immediately (on android, Settings>Apps>WhatsApp>Uninstall), which should stop any further leakage. Unfortunately, I can’t get the info taken back, although I *have* sent them an email asking what remedies they might supply!
Thanks Blaise! I didn’t eve know I had installed this but I keep getting messages that I have received a voicemail!
Darn… keep us informed if you find something.