Clubhouse has confirmed that it did not suffer a data breach and leaked records are in fact collected through data scraping.
In the last couple of weeks, threat actors leaked a trove of scraped LinkedIn and Facebook user records. In LinkedIn’s case, the leaked records contained personal details of more than 1 billion users while the Facebook leak had 533 million users’ records.
Now, Clubhouse, an invitation-only audio chat app for iOS with more than 10 million users has become a victim of data scraping. This time, a threat actor has published a database that contains details of 1.3 million Clubhouse users.
What data was published
On Saturday 10th April, a threat actor published a database claiming it belongs to Clubhouse. Hackread.com has seen the data and it can be confirmed that it includes no email addresses or passwords. What it does includes is:
Number of followers
Account creation date
Invited by user profile name
Number of people followed by the user
Links to photos belonging to Clubhouse users.
Example of photos in the database (Image: Hackread.com)
1 of 3
It is worth noting that details about the origin of the data such as whether Clubhouse suffered a data breach or the information was collected through web scraping remained unclear.
However, Clubhouse was quick to react to a ..