News
Clubhouse data leak: "Consumers addicted to services where data is the price of free use" - Gavin Ashton, data specialist
May 2021 by Gavin Ashton, Security Strategist at Stealthbits
1.3 million Clubhouse users have had their data posted onto a hacker forum, after LinkedIn and Facebook both suffered data leaks. Clubhouse has denied hacking Tweeting that “the data referred to is all public profile information…which anyone can access via the app or our API”.
Data security specialist Gavin Ashton, Security Strategist at Stealthbits, a Netwrix company, has shared the following analysis and advice:
“Despite the internet being extremely new in evolutionary terms, the past decade has driven a large percentage of the global population to become completely addicted to social media services where individuals’ data are the price to pay for ‘free’ usage. Most users unfortunately remain unaware of the risks to their private information submitted to services like LinkedIn, Clubhouse and others, so it’s unlikely any meaningful progress will be made in the near future.
“Something consumers can do to take back control of their data right now is to look at the commercial model of any services they decide to share information with. If something is free, that probably comes with caveats around either privacy or data security, so users should consider all the pros and cons instead of blindly sharing their sensitive data right away. But with the number and availability of services increasing so rapidly, and regulation still a long way from being perfect, these are issues that will plague consumers for a long time to come.
“Social media platforms will always have vulnerabilities and bugs. What’s important is how companies react and respond to them, rather than rejecting they have any role in data leaks, which could not only damage their brand image but make them even bigger targets for hackers. In the case of Zoom for example, which saw incredible adoption at the start of the pandemic, they quickly suffered multiple significant vulnerabilities but have since been working extremely hard to get them plugged.
“When building a net new set of services that rely on the cloud – such as social media platforms – developers should partner with a recognised cloud consultancy to build a “Cloud Centre of Excellence”, also known as CCOE. As cheesy as it sounds, a CCOE generates the correct architectural assets, frameworks and guardrails which enable organisations to rapidly build, deploy and manage services that effectively protect user data, but allows them to provide full range of features, optimal performance, security and cost efficiency. Without these features in place, new services commonly fail in one or more of these areas, very often when their data is exploited.”
