Private Clubhouse App Hacked, 1.3M Users’ Data Breached Online

Popular social media app Clubhouse was hacked, and 1.3 million users’ data breached online on a hacker forum, yet the company denies any type of hack or breach.

What is Clubhouse?

Clubhouse is an elite invite-only social media platform. It is unique in that it uses audio chat only and the conversations are not recorded or stored anywhere. The app only works on iPhone as of now.

The app is frequented by business magnates such as Elon Musk, entertainers, and other famous people who gather together to have live phone conversations. Each chat room is mediated. Some users simply visit to listen to fascinating discussions; others participate. You can only join after being invited by an existing member. 

Clubhouse was designed by two industry techs (Paul Davidson and Rohan Seth) who wanted to remain connected during the pandemic. However, its popularity quickly took off, and now the app has millions of users and is valued at $1 billion. The app was originally intended to be a live podcast app, but they altered it to allow a conversation feature, and it exploded. The big difference is that it’s all about audio conversations, no text, image, or video chat. 

Mark Zuckerberg, Elon Musk, Mark Cuban, Tim Ferriss, Vanilla Ice, Senator Tim Kaine, and Marc Andreessen are a few of the big names that use the app regularly. 

What Happened?

According to CyberNews, a leaked file containing 1.3 million users’ data was posted on a popular hacker forum that claims the information was “scraped” from Clubhouse accounts. The report mentions that the type of data includes users’ names, user ID, photo URL, username, Instagram and Twitter usernames, the number of followers, how many people the user follows, the account creation date, and who invited them initially. 

That is a lot of data that seems like it would not usually be accessible by outside parties, so why is Clubhouse claiming that they were not hacked and data was not scraped? Time will tell if this is another in the latest social media breaches that extend outward into years of rippled effects. 

How Did Clubhouse Respond?

When questioned about the incident, Clubhouse officials called the report “misleading and false.” Clubhouse also officially commented on Twitter, “Clubhouse has not been breached or hacked. The data referred to is all public profile information from our app, which anyone can access via the app or our API.”

Regardless of their response, the data breached in the leak does put Clubhouse members at risk of identity theft and fraud. Hackers may use some of the details in phishing campaigns or social engineering tactics to gain access to devices, install malware or ransomware, or commit other types of fraud.

How Users Can Protect Their Social Media Accounts

Members of Clubhouse or any other social media platform should always take steps to protect their own data. It is clear, these apps are not secure or always private. Some tips to stay safe on social media include:

• Always use very strong passwords.

• Keep your devices updated with the latest updates to the OS and apps.

• Use good, strong antivirus/anti-malware software to protect against viruses and ransomware.

• Never store personal details in your social media bio (protect your phone number and birthdate), two things used for identity theft.

• Be careful about who you follow and who follows you.

• Never click links in social media or from email.

• Secure your accounts with the maximum settings.

• Turn on multi-factor authentication.

• Review your privacy settings to see who has access to what information. 

• Use common sense and watch out for phishing emails, social engineering tactics, and other signs of fraud.