Houseparty denies hacking charges, but is it safe to use?

Edward G. | April 6, 2020

Houseparty, along with Zoom, is one of the video-calling services that has exploded in popularity amidst the Covid-19 outbreak. Over the last week alone, the group video chat app reached over two million downloads and became a virtual household to many young people worldwide. But recently, Houseparty turned into the center of viral claims that the app breached, and led malicious hackers to gain access to private users' data. Therefore, is it safe to continue using it?

Spreading rumors

A handful of unsubstantiated claims about Houseparty started to spread on Twitter, TechCrunch reports. Several people posted screenshots showing that someone hacked their Netflix, Spotify, and bank accounts. They accused Houseparty, as hacks happened right after they downloaded the app. However, none of the Twitter comments gave any credibility to explanations and evidence that Houseparty implicated in any hacking.

The app's owner Epic Games - the company behind popular games Fortnite and Gears of War - deny that a breach has taken place. The company states that they found no evidence to suggest a link between Houseparty and other possibly compromised platforms. However, they are investigating the theory if the indications of breach could be a paid commercial smear to harm the company. Now, Houseparty tweeted on its official Twitter page that they are offering a $1,000,000 bounty for the first individual to provide proof of such a campaign. Yet, no one answered such a proposal.

There are privacy risks

As of now, the Houseparty hack story seems like nothing more than a hunch going viral. Speaking to Forbes, security expert Lukas Stefanko noted that Houseparty is relatively safe compared to many other apps. However, still, there are certain privacy risks for users to beware of. Privacy experts warn about "gate crashers" entering conversations on the app. If a chat is left "unlocked," any user can enter it uninvited, as long as they connect to someone in the conversation. Gatecrashing reportedly led to inappropriate behavior and even pornographic images sent to unwitting users. Luckily, users do have an option to change the settings and get into "private mode" to lock their chat rooms.

Beyond the gatecrashing, Houseparty collects a worrying amount of personal information. A closer look at Houseparty's privacy policy reveals that the app receives access to users' geolocation data. Such information could, in theory, be used to map the location of every user. Indeed, the company promises to anonymize and aggregate data before they share it with third-party affiliates and partners they work with. However, security experts often negotiate and try to prove that anonymous data can be re-identified. It's also possible that the U.S. government could begin surveilling the app because of its access to netizens' geolocation and popularity. Fortunately, each user has an option to opt-out from tracking by turning their location data off.

How to stay safe

  1. Visit Houseparty settings and decide how open you want to be. If you want to meet new people by special invitation only, make your rooms "locked."

  2. Turn 2FA (two-factor authentication) wherever it is possible. Even if some malicious snooper does steal your password, they will not gain access to your account, as long as there's additional verification needed.

  3. Use a robust and different password for each platform you register on. If you choose a long and complicated password, you will make it very difficult for a hacker to crack it. Hence, the more complex your password is, the more security it provides for your account. Remember, if you use the same password on each platform you register, gaining access to one account will open the doors to every other.

  4. Use a VPN to encrypt your traffic. This way, no cybercriminal will be able to intercept your online communications and see what you do online. VPN changes your IP address, making your browsing activity private. It's the easiest and the most effective way to prevent any invasive tracking.

Edward G.

Edward G.

Cybersecurity Researcher and Publisher at Atlas VPN. My mission is to scan the ever-evolving cybercrime landscape to inform the public about the latest threats.



© 2023 Atlas VPN. All rights reserved.