Clubhouse is a social audio app for iOS and Android, where users can communicate in voice chat rooms that host groups of thousands of people.
On July 24, 2021, leading cybersecurity expert Jiten Jain wrote on Twitter that a database of 3.8 billion phone numbers (cellphones, fixed, private, and professionals numbers) of Clubhouse users is up for sale on the Darknet. The screenshot on the tweet claimed that “Clubhouse is connected in real time to all their users’ phonebooks meaning each time you add a new phone number in your phonebook, the number is automatically added into the secret database of Clubhouse. Each number is ranked by a score (the score corresponds to the number of Clubhouse users who have this specific phone number in their phonebook). With this score we are able to evaluate the level of network of each phone number in the world”.
In response, Clubhouse denied these claims, and said: “There has been no breach of Clubhouse. There are a series of bots generating billions of random phone numbers. In the event that one of these random numbers happens to exist on our platform due to mathematical coincidence, Clubhouse’s API returns no user-identifiable information. Privacy and security are of the utmost importance to Clubhouse and we continue to invest in industry-leading security practices.”
Several security experts have denied the hacker’s claims. Security researcher Rajshekhar Rajaharia said that the list of phone numbers can be generated very easily, and the data leak claim appears fake.
Read more about it here.