image
Distributed Denial of Secrets (DDoSecrets), a self-proclaimed “transparency collective,” claim they have received more than 70 gigabytes of data exfiltrated from social media network Gab. Gab, which touts itself as “a social network that champions free speech, individual liberty and the free flow of information online” has drawn in various alt-right and far-right users. A hacker was reportedly able to obtain the exposed data through an SQL injection vulnerability in the site, DDoSecrets claims. Wired, which said they viewed a sample of the data, said that the data appears to include both individual and group profiles for Gab users, as well as hashed account passwords and 40 million public and private posts. These profiles include users’ descriptions and privacy settings, they said. DDoSecrets said they received the files from someone calling themselves “JaXpArO and my Little Anonymous Revival Project.” The group explained in a statement released to DataBreaches.net, “Distributed Denial of Secrets had no role in the compromise of Gab or any other service, and did not crack any password hashes, use any of the plaintext group passwords, or otherwise compromise anyone’s account,” they wrote. “Early in the review process, we made the decision to limit the distribution of the dataset to both protect the privacy of innocent Gab users and the integrity of their accounts and private groups,” they said. Gab CEO Admits Breach Gab CEO Andrew Torba initially denied the breach in a…

Source