Since its inception, the GETTR site created for supporters of 45th US President Donald Trump has been targeted by threat actors. It is believed that information from the site was accessed two separate times on July 1st and July 5th and then posted for free on RaidForums. Around 90,000 records were found, and they included information such as real names, profile descriptions, site usernames, along with other public information. Non-public information such as a user’s email address, birth year, and location information were also included. This information was accessed by scraping the site and abusing the sites endpoints. It’s unclear who’s behind the breach, but after the site was defaced on its launch day whoever was responsible was asking users to follow @JubaBaghdad on Twitter.
Analyst Notes
Those who had their information exposed could become more targeted in phishing campaigns. Users who come across a phishing message should not open it. If the message is not deleted and happens to be opened, no links or attachments should be clicked on. Never give out personal information if it is requested.
https://therecord.media/gettr-leaks-email-addresses-and-user-details-in-api-security-snafu/?web_view=true
