As reported by ZDNet, video calling platform Houseparty has said it would pay a $1 million bounty to anyone who could unmask the entity behind what the company described as “a paid commercial smear campaign.” The company’s apparent anger comes after Houseparty has been at the center of media reports published yesterday by three British tabloids. Houseparty denied any hacking rumors right from the get-go via a firm statement posted on its Twitter account, claiming that the app “doesn’t collect passwords for other sites,” and, hence, wouldn’t be able to allow anyone to extract this data and pivot to other online services.
If this truly is a smear campaign, the reputational damage to the business could be catastrophic. We are already seeing people delete their accounts in the fear of being hacked, but the truth is there doesn’t seem to be any solid evidence behind it.
What this has done is shone a light on the privacy policy in the app and there seems to be quite a lot of personal data that the app pulls from each device that is used – such as device ID, internet history and other actions taken through the service. When an app is free, it can often mean that your data is the actual price, but I don’t think that this app has been hacked, nor would they keep such passwords in plain text and unencrypted.
It does, however, highlight a good reminder on this and other apps that you should never use the same password for multiple accounts.