Expert claim data leaks, Clubhouse denies

Just like any other day, news of data leaks has become a norm in the digital age. In this series, weeks into the leaking of scrapped data of Facebook and LinkedIn users were leaked, a cybersecurity expert claimed that the phone numbers of Clubhouse users-an an audio social app has been leaked and are available for sale on the dark web. This information was shared by Jiten Jain on July 24. He further claimed that in total 3.8 billion phone numbers from the phonebooks of Clubhouse users are available on a database.

The clubhouse is a popular socio-audio application where users can communicate with each other in voice-only chatrooms. Initially, it had an invite-only system to register for the app but recently the founders of the app announced that the social media app was going wide, out of its beta version, and will allow users to register without an invite just like any other SM platform. This app was released during the last year after the onset of the Covid Pandemic in April 2020. It had gained popularity as due to lockdown people were packed in their homes and it gave them a wonderful place to talk to people including strangers.

This app has been earlier into controversy when Stanford University in the USA cautioned the users that the app may be leaking out the audio data of users’ conversations to the Chinese Government. Also, as claimed by Stanford Internet Observatory, the app is getting backend infrastructure support from Agora, a Shanghai-based company. Earlier, in April also there was a news which claimed that the data of 1.3 million Clubhouse profiles has been leaked online. The company had later called such news false and misleading.

The self-proclaimed hackers in their claim have said that they were able to evaluate the level of a network of each phone number and have the ability to do a ranking of phone numbers. They also said that the list includes the phone numbers of some very influential people and valued the user data at $3 billion.  

However, contrary to the claim, Clubhouse in a statement to IANS has denied all such claims and stated that “There are a number of bots, generating billions of random phone numbers. In an event, one of these coincides with the users’ data is a purely mathematical coincidence, Clubhouse API returns no user identifiable information.”  Many cybersecurity experts have said the leak claim to be fake and denied breach allegations. Further, the SQL database being alleged claimed as the user information was termed as a bad sample by the hackers’ forum, as it had a lack of personal information which can be used to target specific users.

We recommend the readers update their passwords and try to use multiple-layer encryption for all the social media apps. Further, you should not provide any personal information on-call or online messaging and also don’t open any link received from non-trusted sources.

Also Read – Day-3: Rough for India as compare to day-2