A few days after the release of the new social network GETTR, hackers have already managed to take advantage of the buggy API of the service to obtain names, email addresses and the location of thousands of users. The Motherboard he says:
Hackers were able to obtain the email addresses and other data of 90.000+ GETTR users. On Tuesday, a user of a hacking forum posted a database claiming to be users of GETTR, the new social media platform released last week by former President Trumo's spokesman Jason Miller.
(To mention that immediately after the announcement of the new social network, we had another breach with deface of the website)
Data seen by the motherboard includes email addresses, usernames, status and location. One of the people whose email is in the database confirmed to Motherboard that it has actually registered with GETTR.
Motherboard researchers also verified the database in an attempt to create a new account with three email addresses already in the leaked database. At that time, the social network displayed the message: "Email is being used", indicating that someone has already registered.
It is not clear if the database contains the usernames and email addresses of all users of the new social network.
Alon Gal, co-founder and CTO of security company Hudson Rock, was the one who found the post on the database hacking forum.
"When hackers are able to extract sensitive information due to neglected API applications, the consequence is tantamount to data breach and should be dealt with accordingly by the company and considered by regulators," he told Motherboard.