• Skip to main content
  • Skip to primary sidebar
  • Skip to footer

Cyber Security Solutions, Compliance, and Consulting Services - IT Security

We offer It security management, data, network, & Information security services for protecting information & mitigating security risks to your organization.

  • Home
  • About Us
  • Solutions & Services
    • Security Governance
    • NETWORK SECURITY
    • CLOUD SECURITY
  • COMPLIANCE
  • SECTORS
  • Blog
  • CONTACT

Data of 1.3 million users leaked in Clubhouse security breach

By kamran | At April 16, 2021

Apr 16 2021

Data of 1.3 million users leaked in Clubhouse security breach

It was only a week ago that hackers were able to gather personal information from billions of Facebook and LinkedIn accounts and were put for sale on the internet. It now seems as if Clubhouse had fallen prey to a similar attack. The audio-only chatting platform oversaw more than 1.3 million users having their records stolen and posted online on a popular hacker forum.

This means that consumers had all the data from their Clubhouse profiles leaked which consisted of their:

  • Full Names
  • User ID and username
  • Number of followers and followings 
  • Other social media account handles
  • Account creation dates
  • Invites sent and who they were invited by on the app 

Is Clubhouse’s API Susceptible to Allowing Mass Scrapes of User Data?

Clubhouse later came forward with a statement regarding the issue, claiming that they did not observe any form of a security breach in their systems. They went ahead and stated that the leaked data was already public information available to anyone and easily accessible through their API(Application Programming Interface).  

These comments did little to ease the general public’s concerns and their user base, as this event showcased the position of Clubhouse with regards to their privacy policy. Public information was obtainable for a large number of accounts through Clubhouse’s API, which can have severe ramifications for user privacy.

Mantas Sasnauskas, a senior information security researcher at CyberNews, called this policy into question, stating that the platform allowed anyone with a token or an API to collect the entire library of public profile information from the Clubhouse app without an expiration period in place for said token.  

He further added that despite Clubhouse having a privacy policy in place which does not permit unauthorized data mining and data scraping, they should take measures to make it difficult for anyone to scrape user data, rather than just writing a few sentences against it in their policy. 

How Can This Impact Users?

The consequence of the public data being leaked online is that cybercriminals can use it to carry out attacks such as phishing and social engineering attacks. On the hacker forum mentioned above, the SQL database posted revealed only public Clubhouse profile information. There were no signs of sensitive data, such as credit card information, present for any user. However, for certain cybercriminals, this basic public information is sufficient and useful in their efforts to commit heinous acts against innocent individuals using these apps.

These individuals are able to compare information found in the leaked SQL database with other data breaches through which they create comprehensive profiles of their targets. This sets a platform for them to conduct identity theft against the people whose information they can find readily available on the hacker forum.

Next Steps

There are a few necessary steps that you must undertake if you are fearful that your Clubhouse profile information has been leaked and published online. This includes:

  • Avoid accepting Clubhouse connection requests from dodgy people who you do not know. 
  • Going forward, create strong passwords and use a password manager tool to help you remember them.
  • Begin enabling two-factor authentication for all your accounts.
  • Be wary of suspicious emails and messages you receive online, as these can contain links that may lead to your privacy being compromised.

Written by kamran · Categorized: Cyber security news

Primary Sidebar

Recents post

Healthcare Cybersecurity Roundup: Hospitals, Labs, and RCM Firms Targeted

Ransomware groups continue to … [Read More...] about Healthcare Cybersecurity Roundup: Hospitals, Labs, and RCM Firms Targeted

New Cyber Threats for Law Firms: ICC Attack, Firm Breaches, and AI-Driven Risks

With confidential client … [Read More...] about New Cyber Threats for Law Firms: ICC Attack, Firm Breaches, and AI-Driven Risks

Healthcare Under Siege: 3 Major Data Breaches + the Rise of Bert Ransomware

From ransomware attacks … [Read More...] about Healthcare Under Siege: 3 Major Data Breaches + the Rise of Bert Ransomware

Categories

  • AI and cybersecurity (2)
  • blockchain (1)
  • Cloud security (29)
  • Compliance (25)
  • Cyber security news (108)
  • Cyber security threats (376)
  • Cyber security tips (370)
  • Data Security (3)
  • E-Commerce cyber security (3)
  • Education cyber security (1)
  • Enterprise cyber security (7)
  • Financial organizations cyber security (4)
  • General (22)
  • Government cyber security (4)
  • Healthcare cyber security (19)
  • Information Security (2)
  • Law Firms Cyber Security (9)
  • Network security (9)
  • Newsletter (1)
  • Privacy (1)
  • Ransomware (14)
  • remote work (1)
  • Risk assessment and management (6)
  • Security management and governance (9)
  • SME Cybersecurity (2)
  • Software Security (2)
  • Supply Chain Attacks (5)
  • System security (3)
  • Uncategorized (29)
  • Vendor security (14)

Archives

Footer

Infoguard Cyber Security

San Jose Office
333 W. Santa Clara Street
Suite 920
San Jose, CA 95113
Ph: (855) 444-6004

Irvine Office
19800 MacArthur Blvd.
Suite 300
Irvine, CA 92612

Recent Posts

  • Healthcare Cybersecurity Roundup: Hospitals, Labs, and RCM Firms Targeted
  • New Cyber Threats for Law Firms: ICC Attack, Firm Breaches, and AI-Driven Risks
  • Healthcare Under Siege: 3 Major Data Breaches + the Rise of Bert Ransomware

Get Social

  • LinkedIn
  • Home
  • About Us
  • Solutions & Services
  • COMPLIANCE
  • SECTORS
  • Blog
  • CONTACT

Privacy Policy Terms of Use Acceptable Use

Copyright © 2025 | All right reserved