Large-scale data leakage has almost become common practice for new social networks. If Clubhouse wasn’t part of the club before, it is now.
“Network News” reported last weekend that the personal data of around 1.3 million users were removed from the modern voice chat room application and posted on hacker forums. The compromised data included names, identifiers of other linked social media accounts, and usernames of invited users because Clubhouse is still in the invite-only phase.
Clubhouse did not immediately respond to Mashable’s request for comment, but Clubhouse’s official Twitter account rejected the idea of a hacker attack, saying the leaked information was made public via the app’s API.
Technically this may be accurate, but the bottom line remains that the data was not previously available in a search and collect format. This also raises the question of why all this information is included in the Clubhouse API. Things like the real name and user ID of the user who invited you to the app can be considered important enough to avoid some kind of digital lock.
This also cannot rule out the possibility of another more catastrophic leak in the future. The Clubhouse hasn’t seen a Cambridge Analytica disaster in its short life, but some security concerns have already made headlines in 2021.
For example, posting only a list of a person’s real names can lead to phishing or other schemes. Malignant behaviors online outside of the Clubhouse itself. `The approach to data security is advancing. If these kinds of things can make it to Facebook or Twitter, it’s only a matter of time for most other social networks.