It seemed only yesterday that everyone and their grandmother was fighting to get a Clubhouse app invite. But now, Clubhouse has allegedly suffered a data breach.
And chances are that even if you haven’t yet created a Clubhouse account, at least your phone number could have been compromised.
ALSO READ: Facebook Wants To Copy Clubhouse With ‘Fireside’ Voice Chat App
For those of you who don’t know, Clubhouse is a live audio-chatting app where users create room and speak in real-time (think of voice-based Yahoo Chat Rooms). And Clubhouse managed to create a lot of hype, by playing hard to get — restricting access only by invite on iPhone for a long time before opening its doors for Android users more recently.
And according to a few security researchers on Twitter, Clubhouse has allegedly suffered a database breach, where at least phone numbers of its users (and then some) are up for sale on the Darknet — underbelly of the Web hidden from most netizens.
The alleged Clubhouse hack
According to Marc Reuf on Twitter, “full phone number database of #Clubhouse is up for sale on the Darknet.”
Full phone number database of #Clubhouse is up for sale on the #Darknet. It contains 3.8 billion phone numbers. These are not just members but also people in contact lists that were synced. Chances are high that you are listed even if you haven’t had a Clubhouse login. pic.twitter.com/PfAkUJ0BL5
— Marc Ruef (@mruef) July 23, 2021
In his tweet linked above, Marc Reuf posted a screenshot of the Darknet forum where he saw the alleged Clubhouse data breach being sold. The post is made by a user with a Guy Fawkes mask profile pic (to show he means business?), with further details about the data hack.
The mysterious seller of the alleged Clubhouse database claims “Clubhouse is connected to all their users’ phonebooks”. Each time you add a phone number in your contacts list, “the phone number is automatically added into the secret database of Clubhouse” the post further claims.
ALSO READ: Humans Will Be On Mars In Just Over Five Years, Says Elon Musk In ClubHouse
This way, the allegedly compromised Clubhouse database includes 3.8 billion phone numbers of people who haven’t yet signed up for Clubhouse — they could be in the list by virtue of having their phone number in the phonebook of a Clubhouse user. At least that’s the allegation for now.
Clubhouse isn’t saying anything yet
Let us just say that we haven’t yet had a chance to verify the alleged Clubhouse database. A quick check on Have I Been Pwned — a website that tracks compromised email, phone numbers across publicly available data breach lists — hasn’t yet reported this Clubhouse hack yet.
Of course, Clubhouse themselves haven’t yet commented on the alleged data breach yet. In April 2021, Clubhouse CEO Paul Davison denied reports that personal data of 1.3 million users was leaked via the app, calling the reports “false and misleading.”