Eugen RochkoAs much as I'd like to see Clubhouse fail it's a bit ridiculous the media is running with a "leak" of user data... It's all public profile stuff
stux⚡️@Gargron it's still a db hack lol
@stux It's not, actually
@Gargron so free open to download from their platform? link pl0x?
@stux If my understanding is correct, if you have an API token (which you can intercept from the app on your phone) you can use their search API to iterate over all users
@Gargron Hmm, that "should be" restricted right? if then it would be indeed just a "simple download" lol
@stux You could argue that there should be an upper limit of results returned by search and rate limits to slow down scraping of data but ultimately I don't see anything that would classify it as unauthorized access at all. All the information obtained is something you would see by visiting each user's profile.
@Gargron damn.. Still a big error from their side i think. It's indeed public info but now it's in such a way easy searchable and packed for attackers so to say 
I don't mind if my email is "leaked" as is but when more info is added i get more and more spooked