Security researchers have found an SQL file containing the personal data of 1.3 million Clubhouse users available on a hacker forum for free. The information in the file includes names, user IDs, photo URLs, number of followers, dates the accounts were created, profile information, who invited the user to the app, and other information. Clubhouse denies that it was breached, and stated that the data exposed is out there for anyone to take or view. Clubhouse is the latest social media platform to see huge troves of user data collected and posted on an underground forum.
The information could easily be used against victims in phishing and other socially engineered scams, according to security professionals at CyberNews. Clubhouse will not supply additional details on the incident. Although Clubhouse prohibits data scraping, its own API sits online with no protection against it, allowing for bad actors to conduct data scraping as shown in the leak.
Read More: 1.3M Clubhouse Users’ Data Dumped in Hacker Forum for Free