A few days after the release of the new social network GETTR, hackers have already managed to take advantage of the buggy API of the service to obtain names, email addresses and the location of thousands of users. The Motherboard he says:
Hackers κατάφεραν να αποκτήσουν διευθύνσεις email και άλλα δεδομένα 90.000+ χρηστών του GETTR. Την Τρίτη, ένας χρήστης ενός hacking forum δημοσίευσε μια βάση data που ισχυρίζεται ότι είναι χρήστες του GETTR, της νέας platformς κοινωνικών μέσων που κυκλοφόρησε την περασμένη εβδομάδα από τον πρώην εκπρόσωπο του πρώην προέδρου Trumo, τον Jason Miller.
(To mention that immediately after the announcement of the new social network, we had another breach with deface of the website)
Data seen by the motherboard includes email addresses, usernames, status and location. One of the people whose email is in the database confirmed to Motherboard that it has actually registered with GETTR.
Motherboard researchers also verified the database in an attempt to create a new account with three email addresses already in the leaked database. Then the social network displayed the message: “Email in use”, indicating that someone is already registered.
It is not clear if the database contains the usernames and email addresses of all users of the new social network.
Alon Gal, co-founder and CTO of security company Hudson Rock, was the one who found the post on the database hacking forum.
"When hackers are able to extract sensitive information due to neglected API applications, the consequence is tantamount to data breach and should be dealt with accordingly by the company and considered by regulators," he told Motherboard.
