The database of the social network Clubhouse, containing the personal information of 1.3 million users, was published on a popular hacker forum.
Among the data that turned out to be available on the network, such information as user ID, his name and nickname, Twitter and Instagram accounts associated with the main profile, the number of followers and people following the user, the date of the account creation, the name of the user who invited.
The database contains only Clubhouse profile information – no credit card details or legal documents included in the published information.
Clubhouse did not promptly comment on the data breach.
Hackers can use data in several ways, writes CyberNews. First, they can conduct targeted attacks. Secondly, to brute-force passwords to Clubhouse profiles and hack accounts.
Security researchers told Business Insider that hackers can use open data to impersonate users or trick them into revealing sensitive information to log into their accounts.
IntSights intelligence analyst Paul Prudhomme told Business Insider that disclosing data is important because attackers can use it to attack companies through employee information.
CyberNews offers to check data leaks using its own service that examines leaks based on email data. CyberNews also recommends that Clubhouse users change their account password and use a password manager, enable two-factor authentication for accounts on all social networks and beware of potential phishing emails and text messages, and not reply to strangers.