The recently launched social site GETTR suffered a data breach after a hacker claimed to use an insecure API to extract the private information of nearly 90,000 members and later shared the data on a hacking forum.
GETTR is a new pro-Trump social media platform created by former Trump adviser Jason Miller as an alternative to Twitter.
What seen for the first time By Alon Gal, co-founder and CTO of cybersecurity firm Hudson Rock, a group of hackers found a non-secure application programming interface (API) that allowed them to extract data from 87,973 GETTR members.
After collecting the information, the data was posted on a popular hacking forum that is commonly used to share databases stolen during data breaches.
The hacker claims that they first used a non-secure API to extract public profile data from GETTR users, but then it was secured.
However, another member of the hacking forum found another insecure API that allowed the scraping of public information and a member’s private email address and year of birth.
From samples of the data viewed by BleepingComputer, the information extracted includes a member’s email address, nickname, profile name, year of birth, profile descriptions, avatar URL, images of background, location, personal website and other internal site data.
While much of the leaked information is available simply by visiting a GETTR user’s profile, a user’s email address, location, and year of birth are not publicly available.
Bleeping Computer confirmed that accounts exist from a random sample of email addresses contained in the leaked data.
Bleeping Computer has contacted GETTR regarding the leaked data, but has not received a response.
What should GETTR users do?
While most of the leaked GETTR account information is publicly accessible, email addresses, year of birth, and locations should not be accessible to other users.
Unfortunately, this type of information can be used by threat actors to conduct phishing attacks aimed at collecting more sensitive information, such as login passwords.
All GETTR users should be on the lookout for phishing emails claiming to be from GETTR, leading to a site asking you to log in.
If you receive these emails, you should delete them immediately and do not enter your credentials.