This week it was reported that data from over 1.3 million user records was leaked from the popular social media application Clubhouse, after being scraped from an SQL database and leaked online via a popular hacker forum. This is the latest in a series of successful social media breaches in 2021, happening just days after Facebook and LinkedIn saw more than a billion user profiles scraped and put to auction online.
This latest compilation saw user IDs, names, photo URLs, usernames, social media handles, and other account information leaked, including the profile of the invitee, which is how users are invited to join the social media platform. It is not believed that any sensitive financial information, such as credit card details, was included in this data.
Using this information, threat actors can undertake precisely targeted phishing attempts, social engineering attacks, and even identity theft against the victim users. It is likely that they will cross-reference this data with existing data from previous breaches to create increasingly detailed profiles on potential victims.
Suspected victims are being advised to use data leak checkers to confirm if their information is included in this breach, before re-evaluating their personal security hygiene. This includes incorporating password managers and two-factor authentication tools, as well as being vigilant of any future communications from Clubhouse or other entities that could be phishing attempts, including suspicious links, attachments, or instructions.
Multifactor authentication tools are a simple yet effective way of bolstering security hygiene. Tools such as Google Authenticator, Duo Security, or similar, are easy to set up and can make a significant difference in day-to-day security.
Blueliv also recommends users regularly update their credentials to ensure that all login details are unique, a step that can be easily achieved through the use of a password management platform.
For SOC teams taking note of this civilian attack and being rightfully concerned about the safety of their data, Blueliv’s Credentials Module is on hand to provide actionable insights into leaked data, and the means to intercept stolen credentials the moment they move to crimeservers. Right now, Blueliv is offering a free month of the Credentials Module to help businesses protect themselves against credential theft.
Taking these recent high-profile credential breaches on board, SOC teams must have a strategy in place that allows them to plan for the worst, and mitigate any future attacks as quickly and efficiently as possible. By rolling threat intelligence into their security strategy, they will be equipped to monitor underground communities across the known and dark web, and benefit from actionable insights into the actor groups who operate there, as well as their motivations and predicted actions.