Clubhouse: 3.8 billion phone numbers up for auction on the Darknet

For confidentiality, Clubhouse will need to iron. Cybersecurity researcher Marc Ruef has in fact realized that a monumental file comprising 3.8 billion mobile phones directly or indirectly linked to Clubhouse was being offered for auction on the Darknet. Obviously, these 3.8 billion numbers are not only those of Clubhouse users (the app does not have as many users by far) but also come from the contact lists of these same users.

Hackers know how to redeem their loot: the numbers are thus associated with a popularity score, a score established according to the number of appearances of the number in the contacts of all app users! Point (a little) reassuring, however, these numbers are not directly linked to identifiers such as name, address, etc.

This very large-scale hacking is a good illustration of the dangers inherent in the collection of certain data by mobile apps. The problem here is no longer with user consent (which is now mandatory), but with the protection of this data once it is retrieved by the app.