Audio sharing platform Clubhouse has denied the report of data breach. News of a data breach of about 1.3 million users has been circulating around. Clubhouse recently tweeted that the information that there has been a data breach was false. The tweet read, “This is misleading and false. Clubhouse has not been breached or hacked. The data referred to is all public profile information from our app, which anyone can access via the app or our API”. The company therefore cleared the allegation that there has been a data breach with the tweet.
One of such platforms that reported the data breach which Clubhouse is now calling false is Cyber News. According to Cyber News, a SQL database with the personal information of users had leaked online. According to the report by Cyber News, a popular hacker forum had leaked the information of at 1.3 million Clubhouse users. The report also said that the information that was leaked online included the ID of users, Names, Photo URL, Username, Twitter handle, Instagram handle, Number of followers, Number of people followed by each user, the date their account was created, etc.
According to Cyber News, even though the leaked SQL database did not include delicate information like credit card details, “even a profile name, with connections to the user’s other social media profiles identified and established, can be enough for a competent cybercriminal to cause real damage”. Cyber News also reported last week that the information of 500 LinkedIn users had been leaked online. “The four leaked files contain information about the LinkedIn users whose data has been allegedly scraped by the threat actor, including their full names, email address, phone numbers, workplace information, and more”, Cyber News reported. In response to this claim by Cyber News, LinkedIn assured users that it has “investigated an alleged set of LinkedIn data that has been posted for sale and have determined that it is actually an aggregation of data from a number of websites and companies”. LinkedIn also added that the information “does not include publicly viewable member profile data that appears to have been scraped from LinkedIn. This was not a LinkedIn data breach, and no private member account data from LinkedIn was included in what we’ve been able to review. When anyone tries to take member data and use it for purposes LinkedIn and our members haven’t agreed to, we work to stop them and hold them accountable”.
