A Fourth Estate® Service

Wednesday, January 27, 2021

Hackers Access and Post Parler User Data

Hackers have allegedly stolen user data from Parler before it was taken down due to an API vulnerability.

Hackers have allegedly stolen user data from Parler before it was taken down due to an API vulnerability.

According to Redditor BlueMountainDace, after Parler vendors stopped providing service, the backend no longer required password resets.

“So a group of developers latched onto the Press Release that Twilio put out at midnight last night. In that Press Release, Twilio accidentally revealed which services Parler was using. Turns out it was all of the security authentications that were used to register a user. This allowed anyone to create a user, and not have to verify an email address, and immediately have a logged-on account,” explained BlueMountainDace.

After the hackers uncovered the exploit, they compromised an admin account created thousands of dummy accounts before creating a  docker container called warrior and distributed the download.

Some data including parleys, video, images, user profiles, user information are now allegedly in the hands of hackers and private individuals including some posts relating to the Capitol which were only marked as deleted.

Most of the compromising data dumps were posted on donk.sh by the hackers. 

The text files in the dumps contained links to posts and photos relating to the Capitol insurrection which were archived using Wget-AT.

Article © 2021 Fourth Estate® — All rights reserved.
This material may not be published, broadcast, rewritten or redistributed.

Recent Articles

Global Tally of COVID-19 Cases Surpass 100 Million

The total number of COVID-19 cases worldwide has surpassed 100 million on Jan. 26, according to data from Johns Hopkins University (JHU), amid the...

U.S. Senate Confirms Antony Blinken as Secretary of State

Antony Blinken has been confirmed by the Senate as the next Secretary of State.The confirmation vote had a final tally of 78-22 with the...

UK Offers Financial Incentives to EU Citizens Under ‘Voluntary Return’

The United Kingdom is now offering financial assistance to EU citizens, who want to leave for their home country. Under the ‘voluntary return’ the...

Iran Blocks Signal Messaging App

The Iranian government blocked Signal after local users migrated to the messaging platform following privacy concerns from WhatsApp. The Observatory of Network Interference (OONI) first...

Norwegian Watchdog Slaps Grindr with $11.7 Million Fine for Violating Data Privacy

The Norwegian Data Protection Authority (DPA) announced on Tuesday that it has fined dating app Grindr 100 million Norwegian crowns ($11.7 million) for illegally...

Get the Daily NewsBrief in your inbox

Related Stories