A member of a popular whistle-blowing group has claimed to have broken into controversial social network Gab and extracted over 70 GB of user data.
In an interview, Emma Best, the founder of the Distributed Denial of Secrets (DDoSecretcs) group, shared that a hacktivist who self-identifies as "JaXpArO and My Little Anonymous Revival Project" claims to have exploited a SQL injection vulnerability in the alternative social network’s database to get their hands on the data.
"It contains pretty much everything on Gab, including user data and private posts, everything someone needs to run a nearly complete analysis on Gab users and content," Best told WIRED.
- Here’s our list of the best disaster recovery services
- We've put together a list of the best endpoint protection software
- Shield yourself with these best identity theft protection services
According to Best, the hacked data contains the user’s public posts, private posts, user profiles, hashed user passwords, DMs, and plaintext passwords for groups.
She says the group will not be publicly releasing the data due to its sensitive nature, but will instead share it with a select group of journalists, social scientists, and researchers.
WIRED claims to have seen a sample of the data and reports that it appears to contain user’s private conversations as well.
Meanwhile, responding to reports about the breach, Gab’s CEO Andrew Torba has denied the incident. He further claims that much of the information that was reportedly attained through the hack, is already public.
“We do not currently have independent confirmation that such a breach has actually taken place and are investigating,” wrote Torba, further assuring users that even if the database has been compromised the user passwords haven’t been revealed since they are encrypted.
- Protect your devices with these best antivirus software