Audio chat social network app Clubhouse is the latest company to have suffered a data breach. Personal data of 1.3 million users in an SQL database was leaked on a hacker forum for free, reported Cybernews. Profile names and followers were reportedly leaked and not sensitive data such as credit card information or legal documents.
Clubhouse CEO Paul Davison, however, refuted the claim and said the supposedly leaked information is already in the public domain and could be accessed by anyone, wrote The Verge. Davison had a strong retort to the allegation of a data leak. “No, this is misleading and false, it is a clickbait article, we were not hacked. The data referred to was all public profile information from our app. So, the answer to that is a definitive ‘no,’” Davison responded at a town hall meeting when questioned.
The public profile information could be accessed by anyone using its API, Clubhouse wrote on Twitter. However, CyberNews argues that the availability of public profile information of a million users was enough reason to call it a data breach. A security researcher for the publication says that even though Clubhouse privacy policy does not allow data mining and scraping, its technical end should have had anti-scraping measures.
Clubhouse has not published any official statement yet, based on the CEOs comments, it seems unlikely it will. We have emailed Clubhouse and will update the article if we receive a response.
Clubhouse rose to popularity after Tesla CEO Elon Musk tweeted a scheduled meet with Robinhood CEO Vladimir Tenev. The invite-only app that is currently only available on the Apple App Store has seen 10 million downloads in the past year. LinkedIn, Discord, Spotify and Slack are now pursuing similar models and have launched similar platforms. Bloomberg last week reported that Twitter had held unsuccessful talks to acquire Clubhouse at $4 billion.
Facebook and LinkedIn both suffered data leaks of upwards of one billion users collectively. LinkedIn, a unit of Microsoft, too said the user data being sold online is not sensitive financial information but simply public profile information.
Also read
- Personal Details Of 533 Million Facebook Users, Including 11 Million Indians, Leaked On Hacking Forum
- Data Of 500 Million LinkedIn Users Data Scraped From Site, Up For Sale: Report
- Upstox Suffers Hack, Data Of 25 Lakh Users Up For Sale On Dark Web
- RBI Orders Forensic Audit Of MobiKwik After Alleged Data Breach: Report
