Is Houseparty safe to use and should you trust it with your personal data after the hack rumours?
Houseparty users across the globe have flooded social media with troubling reports of hackers leveraging the video chat app – which has seen a surge in popularity following the strict lockdown measures put in place to stop the spread of the novel coronavirus in the UK, Europe and United States – to force their way into other online accounts, including Spotify and Netflix. But is there any evidence that Houseparty has been hacked?
The company, which was acquired last summer by Epic Games – the developer behind the battle royale sensation Fortnite, says it has found no evidence of any data breach in its systems.
Approached by Express.co.uk when users first started to share screenshots of warnings from Netflix and Spotify that cyber crooks had been able to access their accounts, a spokesperson for Houseparty said: “We’ve found no evidence to suggest a link between Houseparty and the compromises of other unrelated accounts. As a general rule, we suggest all users choose strong passwords when creating online accounts on any platform. Use a unique password for each account, and use a password generator or password manager to keep track of passwords, rather than using passwords that are short and simple.”
This was followed by a stern tweet from the official Houseparty social media account, which stated: “All Houseparty accounts are safe – the service is secure, has never been compromised, and doesn’t collect passwords for other sites.”
Unfortunately, that has done little to stop the thousands of users who are convinced there is evidence that data stored on Houseparty isn’t secure. Some have gone so far as to suggest hackers are able to infiltrate your banking apps – which are typically secured using a two-factor authentication system – thanks to the party-orientated video chat app.
All Houseparty accounts are safe – the service is secure, has never been compromised, and doesn’t collect passwords for other sites.
— Houseparty (@houseparty) March 30, 2020
“DELETE HOUSEPARTY!!!! They are hacking into Spotifys, Snapchats and even online banking!!! Delete your account before deleting the app,” one user tweeted. Love Island alum Olivia Buckland has also joined in with the snowballing reports of hacks.
“Hi friends. I was told Houseparty app isn’t trustworthy, my friend’s mate was hacked so prob best to delete! Just wanted to let ya know!,” the reality TV personality added.
If Houseparty has found no evidence of a data breach – how is it possible that people are claiming to have been the victims of a hacking campaign?
Well, if people are using the same email address and password combination for a number of different online accounts, including Houseparty, it’s almost impossible to tell where the breach came from. If Houseparty was the most recent app they signed up for – it would seem like a logical conclusion to blame the app.
When asked how the hack happened, one Twitter user explained: “guess they have access to your password and use it to get into your other accounts with the same details.”
Delete house party – somebody has hacked my Spotify from it ������������������������ pic.twitter.com/exHtjKYZqD
— ������������������������������ ������ (@CairnsOlivia) March 30, 2020
Well Houseparty was good while it lasted but I’m in no stable position to be getting any of my accounts hacked lmao cya
— Chelsea Morrison (@_chelsseax) March 30, 2020
PSA everyone delete ur houseparty account as they have hacked my Spotify and Netflix from POLAND and the US ������
— chloe failes (@chloefailes) March 30, 2020
guess they have access to ur password and use it to get into your other accounts with the same details
— chloe failes (@chloefailes) March 30, 2020
If Houseparty is correct – and hackers haven’t taken email-password combos from their databases – the same principle applies. Data obtained from a previous breach from another service could allow hackers to use the same email-password used for Houseparty to log in to Spotify, Netflix and a number of other accounts.
It’s important to always use a different email-password combo for every online account in order to prevent this type of hack. Password managers – apps that generate unique passwords and store your logins, meaning you only have to recall a single one to access the repository – can help people keep track of their online accounts and safeguard themselves against hackers. We’d recommend 1Password or LastPass.
If you have used the same email address and password for your Houseparty as other popular apps – like Netflix or Spotify, it’s worth changing immediately to something unique. Check Have I Been Pwned to find out whether your login credentials for Houseparty – or any app – has leaked online and is being used by cyber criminals.
And if you have any idea how the reports of a hack in Houseparty have spiralled so fast, contact the app. That’s because the company is now dishing out a $1 million reward – that’s roughly £811,000 – to anyone who has evidence the company was a victim of a commercial smear campaign.
Houseparty is available on macOS, Google Chrome web browser, Android, iPhone and iPad
According to Apptopia, downloads of the app have spiked from an average of 130,000 a week in mid-February to two million each week in the middle of March, following the tough social distancing restriction enforced in a number of countries in a bid to stop the spread of COVID-19. With that level of success, it’s understandable that Epic Games wants to prove that users’ data is safe in its hands.
In a tweet about the bounty, Houseparty said: “We are investigating indications that the recent hacking rumours were spread by a paid commercial smear campaign to harm Houseparty. We are offering a $1,000,000 bounty for the first individual to provide proof of such a campaign to firstname.lastname@example.org.”
For those who don’t know, Houseparty – which is available on iPhone, iPad, Android, macOS, and Google Chrome – is a video chat application that lets you drop-in and drop-out of video chats with friends. The app was originally imagined for University students to keep open throughout the day, with people dropping in for chats every so often whenever they wanted to talk.
Since then, a number of games, including a trivia quiz, Pictionary-style game, and others, have been added that can be played with friends in the chat.
We have spent the past few weeks feeling humbled and grateful that we can be such a large part of bringing people together during such a hard time.
— Houseparty (@houseparty) March 31, 2020
Whenever you open the app on your computer or smartphone, a notification will be sent out to all of your friends, letting them know that you’re “in the house” and ready to video call. You can drop into any active conversations that your friends are holding – even if you don’t know everyone in their video chat – unless one of the participants decides to “lock the room”.
This has led to a number of horror stories from users, with Houseparty users reporting ex-partners suddenly appearing in video chats out of nowhere. Bosses and teachers have also purportedly appeared in video chats while people have been talking in the bath.
As such, campaigning charity Internet Matters has warned the app could represent a threat to youngsters by enabling strangers to enter their private chats. It has warned parents to make children aware of the importance of “locking” their video calls to stay safe.