You may not have heard of Clubhouse, the trendy social network, accessed by invitation only. But it is clear that the bad guys know her ...
According to Wikipedia, Clubhouse is an audio chat social network launched in 2020 by Alpha Exploration Co. In December 2020 it was valued nearly $ 100 million, while on January 21, 2021, the listing reached $ 1 billion.
Here we will not talk about the tech bubble or the desire everyone has to find the new Facebook, Twitter or, if possible, all together at the same time.
The fact is, holding conferences in the Clubhouse is the latest trend, and all gurus invite friends and followers to listen to them at their events on that platform.
Everything would be great if it weren't for… now your users' data is already available on the Internet.
Data from around 1,3 million Clubhouse users was posted in a forum, but the developers of the iOS app assure it wasn't because the platform was hacked and that the data is made up of already public information.
Posted in a forum and visible without the need for special tools, the SQL database includes many user details such as user ID, username, nickname, Twitter and Instagram addresses, accounts they follow and what follows them, when the account was created and who invited the user to participate.
While it seems like a lot of information, all the data in that database is made up of information that may have been located in other ways and that does not include passwords or email addresses (although the information it does include can go a long way in creating a complete profile of a user. ).
According to Clubhouse on Twitter, the information they claimed to have been hacked was "misleading and false" and that the information is about the public part of the users of their app, which anyone can access through the app or API. "
Without going into whether it has been hacked or not, leaving a SQL database with user lists available to anyone does not appear professionally or ethically responsible.
Admittedly, this leak is trivial compared to the one suffered by Facebook a few days ago, in which some 530 million Facebook accounts were opened, due to an undisclosed breach in 2019. In the case of Facebook, the data includes the dates. of birth, telephone numbers and email addresses.