WhatsApp informs Irish regulator of 'serious security vulnerability'
Facebook's WhatsApp has informed its lead regulator in the European Union, Ireland's Data Protection Commissioner, of a "serious security vulnerability" on its platform, the DPC said. In a statement, the DPC said: "The DPC understands that the vulnerability may have enabled a malicious actor to install unauthorised software and gain access to personal data on devices which have WhatsApp installed. At this point, WhatsApp has not notified the DPC of the matter under Article 33 -- Notification of a personal data breach to a data protection supervisory authority -- of the GDPR as WhatsApp are still investigating as to whether any WhatsApp EU user data has been affected as a result of this incident. While the possibility remains that EU users were affected and in light of the understood severity of the incident, all WhatsApp users are urged to ensure that the latest version of the WhatsApp application is installed on their device, available via the Apple Store or Google Play Store. The DPC is actively engaging with WhatsApp Ireland to determine if and to what extent any WhatsApp EU user data has been affected." Reference Link