A few days after the launch of the new social network GETTR, hackers they've already managed to exploit the service's buggy API to obtain the names, email addresses and location of thousands of users. The Motherboard he says:
Hackers managed to obtain email addresses and other data of 90.000+ GETTR users. On Tuesday, a user of a hacking forum has published a database of what it claims are users of GETTR, the new social media platform launched last week by ex-President Trumo's ex-spokesman, Jason Miller.
(To mention that immediately after the announcement of the new social network, we had another one infringement with deface of the website)
Data seen by the motherboard includes email addresses, usernames, status and location. One of the people whose email is in the database confirmed to Motherboard that it has actually registered with GETTR.
Motherboard researchers also verified the database while trying to create a new one account με τρεις διευθύνσεις email που υπήρχαν ήδη στη βάση δεδομένων που διέρρευσε. Τότε το κοινωνικό δίκτυο εμφάνιζε το message: “Email in use”, indicating that someone is already registered.
It is not clear if the database contains the usernames and email addresses of all users of the new social network.
Alon Gal, co-founder and CTO of security company Hudson Rock, was the one who found the post on the database hacking forum.
“When hackers are able to extract sensitive information due to neglected API implementations, the consequence is tantamount to a data breach and should be dealt with accordingly by the company but also looked into by regulators,” he told Motherboard.