The data of approximately 1.3 million Clubhouse users have been posted to a hacker forum, but the iOS app’s developers claim the platform wasn’t hacked, and that the data was publicly available information.
Posted to a forum and openly visible, the SQL database includes many details about the users of the highly popular audio-based social network. Approximately data from 1.3 million users was scraped and placed into the database.
The list of data in the database covers quite a lot of personal information, including the user ID for the account, the user’s name, username, Twitter and Instagram handles, follower and following counts, when the account was created, and who invited the user to join, reports Cybernews.
While seemingly a lot of information, the data in the database is largely made up of information that could be publicly accessible elsewhere. It doesn’t include sensitive information such as a password or an email address, which could have been a more damaging scenario.
Posting to Twitter on Sunday, Clubhouse called reports that it was hacked as “misleading and false.” The app insisted it hadn’t been breached or hacked, and that the data is “all public profile information from our app, which anyone can access via the app or our API.”
The compiled data is the latest in a string of attacks where nefarious attackers scrape data from major services and dump them for open public viewing. On April 8, a cache of 500 million LinkedIn profiles were shared in the same way, but seemingly only including public-facing information.
More famously, on April 3, a similar archive of some 530 million Facebook accounts were published, which was allegedly connected to an undisclosed 2019 breach. In Facebook’s case, the data included more sensitive information, including dates of birth, phone numbers, and email addresses.
This is not the only security scare Clubhouse has endured in its relatively brief existence. In February, it upgraded its security over concerns bad actors in China could potentially spy on users.
The app was then hit by a regulator in Oman deciding to block the app in the country, under pretenses it was a permit issue. Critics were concerned it was an attempt of censorship by the government.
Stay on top of all Apple news right from your HomePod. Say, “Hey, Siri, play AppleInsider,” and you’ll get latest AppleInsider Podcast. Or ask your HomePod mini for “AppleInsider Daily” instead and you’ll hear a fast update direct from our news team. And, if you’re interested in Apple-centric home automation, say “Hey, Siri, play HomeKit Insider,” and you’ll be listening to our newest specialized podcast in moments.