Despite its founder's vow to keep user data private, WhatsApp apparently allows a security flaw that means hackers can download all of your private messages.
IT consultant Bas Bosschert of the Netherlands discovered the vulnerability, Business Insider Australia reported.
Because the database of WhatsApp messages is saved on your phone's SD card, other Android apps can access the information--and some could be malicious.
TechCrunch noted that the issue is "an infrastructure issue for Android more than a gaping security flaw on the part of WhatsApp."
Users are often cavalier with the apps they allow to access their phones. When you allow an app to fully access your phone, it gives hackers room to get into your SD card and data like WhatsApp messages.
Bosschert tested the hacking scheme and detailed it on his website.
"People would only see a loading screen when they started the game," Bosschert said in an email to Business Insider. "They wouldn't notice that their WhatsApp database has been uploaded."
The popular messaging service, which boasts 450 million users, drew even more attention when Facebook purchased the startup for a record $16 billion.
Essentially a free text messaging service, WhatsApp has seen its users more than double in the past nine months and boasts a number of users substantially higher than Twitter's 240 million active accounts.
The alleged privacy vulnerability is especially interesting since the startup has a reputation for protecting user data.
Founded by Ukrainian Jan Koum and American Brian Acton, WhatsApp deletes messages from the company's servers after they're delivered, giving it little to offer to government agencies or anyone else who wants to track users.
Users should be careful of the apps they download, verifying their source and reading the fine print before installing them on their phone, TechCrunch said.
See Now: OnePlus 6: How Different Will It Be From OnePlus 5?