According to PhoneArena, 1.3 million clubhouse users personal data has been leaked. That is a lot of data to be floating around the internet. The Clubhouse app has literally been one of the fastest growing applications in the last few months. It’s an app that has a simple premise too. It is an audio-only chatroom that requires an invitation to join.
The application is also only on iOS at the moment with an Android version a few months away. With that in mind, it makes the size of the data leak even more amazing. There have been malicious cybercriminals who have been using the new app for their schemes.
In fact, one involved fake ads on Facebook which attempted to get victims to join the Clubhouse for PC. For anyone out there wondering why this is an issue, it’s because there is no PC version. Signing up would result in users getting the malware that shares the user’s devices. Thankfully the ads have been removed.
Now the 1.3 million accounts that had their data leaked, are scraped user records. The incident took place some days after more than one billion user records from Facebook and LinkedIn were offered up for sale. The main issue is that the ones from Clubhouse are being made available for free. That right there is just terrible.
Data in the leak includes the User ID, Name, Photo URL, Username, Twitter handle, Instagram handle, Number of followers, Number of people followed by the user, Account creation date, and the user profile name of the person who invited the subscriber.
1.3 million clubhouse users personal data is freely available via Clubhouse’s API
That is basically everything that the platform has on the subscriber. Again, this is all floating around online for free. Of course, Clubhouse has a response. The company says that they have not had a data breach. In addition, the company says that the information in the leak is available for free via the company’s API. That doesn’t make things much better.
This actually seems worse and can make many users question the app’s privacy policies. And the world knows how privacy policies can put a company in an awkward position.
The crazy thing is that this happens a lot. But what makes it crazier is the fact that Clubhouse says this information is readily available via their app or API. This brings into question the ethics behind the company and raises more questions. Like why is this sensitive information readily available?