An SQL database containing 1.3 million Clubhouse user records has leaked for free on a popular hacker forum,
The leaked database contains a variety of user-related information from Clubhouse profiles, including, user ID, name, photo URL, username, Twitter handle, Instagram handle, number of followers, number of people followed by the user, account creation date, invited by user profile name.
The data from the leaked files can be used by threat actors against Clubhouse users in multiple ways by carrying out targeted phishing or other types of social engineering attacks, and brute-forcing the passwords of Clubhouse profiles.
The leaked SQL database only contains Clubhouse profile information – Cybernews did not find any deeply sensitive data like credit card details or legal documents in the archive posted by the threat actor. With that said, even a profile name, with connections to the user’s other social media profiles identified and established, can be enough for a competent cybercriminal to cause real damage.
Cybernews earlier reported that the personal data and phones of 533 million Facebook users were scraped and published online, and the private data of 500 million LinkedIn users were put up for sale by hackers.
Clubhouse is a new type of social network based on voice—where people around the world come together to talk, listen and learn from each other in real-time. It was launched last year. The platform is only available for iOS users.