Days after scraped data from more than a billion Facebook and LinkedIn profiles, collectively speaking, was put for sale online, it looks like now it’s Clubhouse’s turn. The upstart platform seems to have experienced the same fate, with an SQL database containing 1.3 million scraped Clubhouse user records leaked for free on a popular hacker forum.
The leaked database contains a variety of user-related information from Clubhouse profiles.
Clubhouse has issued a statement about the incident on social media, saying they have not experienced a breach of their systems. The company said that the data is already publicly available and that it can be accessed by “anyone” via their API.
In addition to sparking a heated debate under the company’s statement on Twitter, this raises some questions about the privacy stance of the company: allowing everyone to gather and download even public profile information on a mass scale can have severe negative consequences for user privacy.
According to CyberNews senior information security researcher Mantas Sasnauskas, the posting of scraped Clubhouse user data reveals a potential privacy issue within the social media platform itself: “The way the Clubhouse app is built lets anyone with a token, or via an API, to query the entire body of public Clubhouse user profile information, and it seems that token does not expire.”
Full article on https://cybernews.com/security/clubhouse-data-leak-1-3-million-user-records-leaked-for-free-online/
#clubhouse #dataleak #user #yokdata #blog #mindyourdata