A few days after the launch of the new social network GETTR, hackers have already managed to exploit the service's buggy API to obtain names, email addresses and even the location thousands of users. The Motherboard he says:
Hackers managed to get email addresses and more data 90.000+ χρηστών του GETTR. Την Τρίτη, ένας χρήστης ενός hacking forum δημοσίευσε μια βάση data which it claims to be users of GETTR, the new social media platform launched last week by ex-President Trumo's ex-spokesman, Jason Miller.
(To mention that immediately after the announcement of the new social network, we had another breach with deface of the website)
Data seen by the motherboard includes email addresses, usernames, status and location. One of the people whose email is in the database confirmed to Motherboard that it has actually registered with GETTR.
Motherboard researchers also verified the database by trying to create a new account with three email addresses that already existed in the leaked database. Then the social network displayed the message: “The email usestai”, indicating that someone has already registered.
It is not clear if the database contains the usernames and email addresses of all users of the new social network.
Alon Gal, co-founder and CTO of security company Hudson Rock, was the one who found the post on the database hacking forum.
"When hackers are able to extract sensitive information due to neglected API applications, the consequence is tantamount to data breach and should be dealt with accordingly by the company and considered by regulators," he told Motherboard.