Reported that 1.3 million personal information was leaked from voice SNS 'Clubhouse', Clubhouse CEO denied report as 'data released from the beginning'
Clubhouse data leak: 1.3 million scraped user records leaked online for free | CyberNews
https://cybernews.com/security/clubhouse-data-leak-1-3-million-user-records-leaked-for-free-online/
Clubhouse CEO says user data was not leaked, contrary to reports --The Verge
https://www.theverge.com/2021/4/11/22378302/personal-information-1-million-clubhouse-users-leaked-privacy-security
Data of more than 1 million Clubhouse users leaked online: Report | HT Tech
https://tech.hindustantimes.com/tech/news/data-of-more-than-1-million-clubhouse-users-leaked-online-report-71618109381850.html
On April 10, 2021, the IT news site CyberNews reported that 'a SQL database containing 1.3 million data extracted from Clubhouse was released for free.' The data extracted from Clubhouse reportedly includes user IDs, names, photo URLs, usernames, Twitter and Instagram IDs, followers, followers, account creation dates, and profile names of invited users. It is said that information such as was included.
Clubhouse, on the other hand, told Twitter: 'This is a misleading and false statement. Clubhouse has not been compromised or hacked. The data mentioned here is the profile information published on the app. , Everyone can access it from the app through the API. '
This is misleading and false. Clubhouse has not been breached or hacked. The data referred to is all public profile information from our app, which anyone can access via the app or our API. Https://t.co/I1OfPyc0Bo
— Clubhouse (@joinClubhouse) April 11, 2021
In addition, 'even Paul Deibison CEO of the Clubhouse to the overseas media · The Verge (reports that data from the Clubhouse has been spill) is an article that was accidentally misleading, click bait this was a true article .Clubhouse has been hacked Not that, the allegedly leaked data is also the profile information published in our app, so the answer to the question of whether the data was leaked from Clubhouse is clearly 'no'. ' did.
In response to this Clubhouse explanation, CyberNews said, 'Sure, the leaked SQL database did not contain sensitive data such as credit card information or legal documents. However, the public profile Even if it's information, the privacy stance of Clubhouse, which allows anyone to collect information on a large scale, remains questionable. ' He said that there is a risk of hacking that combines data leaked from Clubhouse with data of other SNS such as Twitter, and brute force attacks that randomly attack with leaked ID and password.
On Twitter, 'I can only think that someone used Clubhouse's private API to search for user IDs in order from 1 and extract the data. From a technical point of view, I see nothing. It can be said that there is no place to go. '
Honestly this “hack” is not very impressive at all. Like wow, you looped the API from 1 to 2 to 3 for the otherwise publicly available data. Wow, very technically challenging ????
— Jane Manchun Wong (@wongmjane) April 11, 2021
An opinion was posted saying, 'Just because the API data has been released does not mean that it does not infringe on privacy.'
Just because you made the API public doesn't mean it shouldn't be treated as a breach of privacy. I'd say the headline is informative and I'm glad they published it
— Brian Shiny (@shinybraindev) April 11, 2021
Related Posts:
in Software, Web Service, Security, Posted by log1l_ks