Why anyone ever mentions privacy and security in conjunction with WhatsApp beats me. But for some reason, people still do. Adding to the list of privacy issues that plagues the world’s most popular instant messaging service is this one. Here is a quote from a Mashable article:
According to security consultant Bas Bosschert (and reporters that first surfaced on Hacker News message forum), it’s possible for others to access your private WhatsApp chats through downloaded Android apps.
When you use the app’s built-in back-up mechanism — let’s say to prevent losing messages after uninstalling/reinstalling the app or moving them to a new device — WhatsApp is allegedly using the same encryption code to protect you and everyone else (instead of creating a unique key for each user).
This means the backup is going to a database with insecure storage and the chats could potentially be read and stolen by another app. In theory, the developer behind another app could decrypt and ultimately gain access to those messages.
There you have it. You can get all the details from Mashable’s article, Security Consultant Says WhatsApp Messages May Not Actually Be Private.