Threat actor put 3.

8 B phone numbers on sale from clubhouse

database on dark net.

By : - Manish Kumar Shrestha

Date :- July 27 , 2021

On a cyber site, a threat actor has been selling Clubhouse's sensitive database of 3.8 billion phone
numbers. The organization "saves/steals each user's phonebook" in a secret database, according to the
threat actor.

The details revealed included Clubhouse user IDs, names, usernames, Twitter handles, Instagram
handles, number of followers, number of people followed by the users, account creation date, and
invited by user profile names. There was no financial information exposed in the data incident.

The threat actor shared a link to a sample of the database's contents, which included the phone
numbers of 83.5 million Japanese customers. In April 2021, Cyber News researchers discovered that the
personal information of 1.3 million Clubhouse users had been leaked online.

"There are a series of bots creating billions of random phone numbers," Clubhouse said in a statement
to news agency IANS, denying the allegations. "In the event that one of these random numbers happens
to exist on our platform owing to mathematical coincidence, Clubhouse's API gives no user-identifying
information," the business said in reaction to the supposed "secret database of Clubhouse."

According to the hacker selling the database, Clubhouse uses a score system to rate numbers. The
higher the score, the more frequently a number is found on the consumers' handsets. Clubhouse aims to
figure out how much networking private individuals and businesses do. The information might be resold
to ad agencies and research firms.

A number of experts have weighed in on the subject, refuting the hacker's claims. A list of phone
numbers, such as the one in this case, could be easily created, according to security researcher
Rajshekhar Rajaharia, and the data breach claim looks to be bogus. Another researcher, Sunny Nehra,
pointed out that the threat actor is new to the forum and is the least engaged.

"Clubhouse appears to be next after stolen data from over a billion Facebook and LinkedIn profiles was
put up for sale online a few days ago. An SQL database with 1.3 million scraped Clubhouse user records
was made available for free on a major hacker website, implying that the upstart platform has met the
same fate "The case was covered by CyberNews.

However, in several European nations, data collecting from those who have not given their agreement
to the service is illegal. The General Data Protection Regulation (GDPR) aims to prohibit personal data
from being collected from people who do not utilize a service. If European users are included in the
database leak, Clubhouse could face a hefty fine from the EU.
Clubhouse is a social audio software for iOS and Android that allows users to participate in voice chat
rooms with tens of thousands of people. On the audio-only app, live talks are hosted, and users can
participate by speaking and listening. According to Clubhouse rules, conversations may not be recorded,
transcribed, reproduced, or circulated without prior approval.