Security Barn News

A Twitter post claims that the Data of 3.8 billion clubhouse users comprises of users numbers got leaked and published over the Dark Web. According to the tweet, the leaked data includes mobile, fixed-line, private and professional numbers and the data will be sold through a private auction on 4th September 2021. Those who wish to participate in the auction were asked to leave a comment on the darknet post following which the user would share the link to participate. "A database of 3.8 billion phone numbers of #Clubhouse users is up for sale on the #Darknet. It also contains Numbers of people in user's PhoneBooks that were Synced. So Chances are high that you are listed even if you haven't had a Clubhouse login. #DataPrivacy," said the tweet. Audio-only social platform Clubhouse has denied reports of a data leak after a user published posts on Telegram and the dark web claiming to sell contact information of more than 3.8 billion people saved in the databases of Clubhouse. The platform said it does access its users’ contact lists, but added that there was no breach of data. “There are a series of bots generating billions of random phone numbers. In the event that one of these random numbers happens to exist on our platform because of mathematical coincidence, Clubhouse’s API returns no user-identifiable information. Privacy and security are of utmost importance to Clubhouse and we keep investing in industry-leading security practices," the company said. Back in April, a similar rumour surfaced of a data breach and the consequent sale of personal information of 1.3 million Clubhouse users including user IDs, names, usernames, social media handles, photo URLs, account creation dates, and information about who nominated the user to the app on the darknet. The claims were denied by Clubhouse CEO Paul Davison stating the report claiming personal user data had been leaked was "false." The Clubhouse Twitter account had also issued a statement that said, "This is misleading and false. Clubhouse has not been breached or hacked. The data referred to is all public profile information from our app, which anyone can access via the app or our API." Let's us know with your feedback and share this news around Vishvender & Utkarsh are part of the editorial team at Security Barn and writes on cybersecurity trends and news features.

As per the updates from Internet outage tracker DownDetector , the outage seems to have started at around 8:55 PM IST on Thursday evening. However, within five minutes, the number of reports from people unable to access Zomato alone stood at around 3,000. There were similar scenes playing out with a number of other services too. There appears to be a major DNS, or Domain Name System failure. DNS acts as the phone directory of the internet, translating names of websites into IP addresses. Web services company Akamai Technologies on Thursday said it suffered a massive outage. The problem could be stemming from content delivery company Akamai Technologies leading to several websites facing downtime, including in India. A statement from the company says: "Investigating - We are aware of an emerging issue with the Edge DNS service. We are actively investigating the issue. If you have questions or are experiencing impact due to this issue, please contact Akamai Technical Support. In the interest of time, we are providing you the most current information available, which is subject to changes, corrections, and updates." source: Downdector Some of the major websites experiencing issues and outages include Zomato, Disney+Hotstar, PlayStation Network, Fidelity, FedEx, Steam, Microsoft, Airbnb and Amazon, according to Downdector. There's no word if the issues or outages are interconnected, but it certainly raises an eyebrow that something under the surface is happening. Let's us know with your feedback and share this news around. Vishvender & Utkarsh are part of the editorial team at Security Barn and writes on cybersecurity trends and news features

This project was a consortium of news organizations investigating a leaked global database. In which, 300 'verified numbers of Indian Origin belongs to business executives, religious figures, journalists, opposition & BJP party leaders, Judges were on the leaked database list. This story started with 50,000 cell phone numbers in a database received by Forbidden Stories and Amnesty Technology Lab. They approached media in 16 countries to verify names and, if possible, send system ‘images’ of suspect phones to be tested for Pegasus. So, Pegasus which is used for hacking into the phones is basically a spyware developed by the Israel Cyberarms firm "NSO Group" that can be covertly installed on mobile phones running most versions of iOS and Android. It uses "Zero Click" technology, which means it doesn't require victim to even interact with their phones to hack into their devices(phones). It exploits the vulnerabilities in the OS of the mobile which manufacturer does not know about yet. How exactly this software works? source: Guardian According to the NSO group, the software is licensed only to 'vetted government' customers for the sole purpose of saving lives through preventing crimes and terror acts. They also denied having access to the data post-licensing it to the client as well as any potential data leak from their servers. How Government of India reacted? In a letter shared with ANI, the Ministry of Electronics and Information Technology has out rightly denied the allegations stating, 'India is a robust democracy that is committed to ensuring the right to privacy to all the citizens as a fundamental right.' 'The allegations have no concrete basis or truth' said MiETy in a letter shared. Proof of breach by Amnesty International Amnesty International is a part of the project and its technical lab has conducted a forensic examination of 67 phones operated by persons on the database, 37 of which were found to have evidence of a successful or attempted Pegasus hack. "The first alarm bell rang in India in 2019, with WhatsApp's lawsuit against the NSO Group, didn't lead to questions being asked. We should not allow this to slip away either" quoted by thewire article List of people who were in that list from India Let's us know with your feedback and share this news around For more information regarding this topic please click here Vishvender & Utkarsh are part of the editorial team at Security Barn and writes on cybersecurity trends and news features