Audio-only social network clubhouse has confirmed that it experienced a data spillage on Sunday.
A number of celebrities are on the new app which allows its users to participate in live audio conversations that are knows as chat rooms. This has allowed people to have open and candid conversations that can apparently not be deleted.
However, there was a user who managed to find a way to stream audio to another site, US cyber-security researchers have confirmed that the user has been banned. This has been the platforms first security breach which is okay since the app is still in its beta stage, the app firm have installed new “safeguards” to prevent this from happening again.
The action has not been termed as illegal but instead a breach of clubhouse’s terms of service. The idea is that people can host audio conversations in a private setup but the user violated that.
The difference between a “data breach” and “data spillage”.
According to Australian cyber-security researcher Robert Potter this was not a data breach but more of a data spillage, a data breach is when a hacker takes over the system and the data. Data spillage is whereby sensitive information is shared without any authorization to do so.
The incident occurred because a user had realized that it was possible to be in multiple chat rooms at once.
By understanding how this worked, the user could connect a Clubhouse API to his website, and essentially “share” his login remotely with anyone on the internet who wanted to listen to the audio chats from the app.
Security concerns.
So far several security experts fear that the platform is in fact not safe and have raised several concerns.
The researchers were also concerned that the Chinese government could gain access to the raw audio files on Clubhouse’s servers, because its back-end infrastructure is provided by a real-time engagement API firm called Agora, which has offices in both Shanghai and San Francisco.
