Billions of Facebook and Clubhouse account details leaked online

By Dasblog


A database made up of billions of user records purportedly scrapped from Clubhouse, has been put on sale on a popular hacker forum, cybersecurity researchers have claimed.

Analysts at CyberNews say that the database appears to include names, phone numbers, and other personally identifiable information (PII).

The database has allegedly been compiled by combining 3.8 billion phone numbers from a previously scraped Clubhouse database, with the owner’s Facebook profiles, making it valuable to scammers.

TechRadar needs you!

We’re looking at how our readers use VPNs with streaming sites like Netflix so we can improve our content and offer better advice. This survey won’t take more than 60 seconds of your time, and we’d hugely appreciate if you’d share your experiences with us.

>> Click here to start the survey in a new window <<

  • Shield yourself with these best identity theft protection services
  • We’ve put together a list of the best endpoint protection software
  • Here’s our choice of the best malware removal software on the market

If genuine, the database “could serve as a goldmine for scammers,” opines CyberNews’ senior information security researcher Mantas Sasnauskas. 

Bonanza for scammers 

According to CyberNews, the compilation is an upgrade to an original scrape from breached Clubhouse servers, which only contained the phone numbers of Clubhouse users and people from their phone contact lists.

While the original list wasn’t of much use to scammers, the addition of the users’ Facebook profiles brings a lot more contextual information about the owners of the phone numbers, including usernames, locations based on phone number suffixes, their Clubhouse network sizes, and Facebook profiles, suggests Sasnauskas.

He goes on to explain that if the database is indeed genuine, the data can be used by threat actors to devise all kinds of malicious campaigns. For instance, attackers could use the info to brute force the passwords of the affected users, or perhaps even conduct targeted phishing and social engineering campaigns. 

The poster is reportedly asking $100,000 for the full database of 3.8 billion entries, but is open to the idea of selling the data in piecemeal fashion.

  • Protect your devices with these best antivirus software



Source from www.techradar.com

Leave a Comment