Ever since Clubhouse launched, the social networking platform has managed to stay out of controversy. The platform is now open to all without an invite, but it seems to have encountered its first possible and published data breach. This is according to security researcher Marc Ruef who spotted a database for sale on the dark web.
This database is allegedly a Clubhouse database containing 3.8 billion phone numbers. But wait, Clubhouse is still relatively new, so how can there already be 3.8 billion numbers in its database? This is because when users join Clubhouse, the app asks for permission to go through your contact list to find friends who might already be using the app.
Full phone number database of #Clubhouse is up for sale on the #Darknet. It contains 3.8 billion phone numbers. These are not just members but also people in contact lists that were synced. Chances are high that you are listed even if you haven't had a Clubhouse login. pic.twitter.com/PfAkUJ0BL5
— Marc Ruef (@mruef) July 23, 2021
According to the seller of the database, the scan that the app does apparently saves the numbers to a “secret database” of Clubhouse. This means that even if you don’t use Clubhouse, there is a good chance your number could be part of this database. Clubhouse has since denied allegations of a data breach.
In a statement put out by the company, “There has been no breach of Clubhouse. There are a series of bots generating billions of random phone numbers. In the event that one of these random numbers happens to exist on our platform due to mathematical coincidence, Clubhouse’s API returns no user identifiable information. Privacy and security are of the utmost importance to Clubhouse and we continue to invest in industry-leading security practices.”