Personal data of over 1,3 million Clubhouse users was recently discovered in open-access on one of the hacker forums and reported by Cybernews.
Clubhouse data leak forum post

The leaked database contains a lot of user-related information, including:

  • User IDs, usernames, and real names
  • Number of followers and users followed
  • Other social media handles (including Twitter, Instagram, and Facebook)
  • Account information
  • Names of people invited by the user
  • Photo URLs

After the leak was discovered, Clubhouse has issued a statement saying that information about the leak is “misleading and false“.

According to Clubhouse, the user data shown in the leak is public-domain and anyone can access it through the app itself or Clubhouse’s API.

Wait, what?!

This means that anyone can scrape the social media platform’s SQL database and get as much user information as they can carry.

Even though the leaked data does not contain sensitive and personal information, in the hands of a competent hacker it can still be used to carry out targeted phishing and other social engineering attacks.

If you are worried this leak can affect you, we recommend:

Leave a Reply

0 Comments
Inline Feedbacks
View all comments