User data leaked from Gettr few days after launch

In early 2021, following the riots in the Capitol, Facebook, Twitter, Instagram, YouTube and Snapchat blocked Donald Trump’s accounts, and user data leaked from the newly launched Gettr social network (with which were linked Trump’s future Internet activities).

In May of this year, Trump launched his own blog From the Desk of Donald J., but the site closed in June due to insufficient popularity, as well as due to the fact that Trump was going to use another social network.

In early July, the social network Gettr was launched, which was created by former Trump press secretary and adviser Jason Miller and former head of communications for his campaigns Tim Murto.

Interestingly, according to Bloomberg, Donald Trump himself has no plans to register an account with Gettr and has not funded the creation of this social network.

However, what then was Trump hinting at?

The platform will have features such as the ability to post messages no longer than 777 characters and videos as long as three minutes, according to the release.

The app describes its purpose as “fighting cancel culture, promoting common sense, defending free speech, challenging social media monopolies, and creating a true marketplace of ideas.”

Almost immediately after the launch, Gettr was hacked, and by that time the service already had more than 500,000 users. The hacker defaced the accounts of prominent Republicans, including former Secretary of State Mike Pompeo, Georgia Congressman Marjorie Taylor Green, former Trump campaign manager Steve Bannon, and Jason Miller.

According to The Record, databases with information about Gettr users have already appeared on hacker forums (in particular on RAID). Two dumps were collected on July 1 and 5, with the first data collected by regular site scraping, and the second, a larger leak of 90,000 records, was a product of the Gettr API’s insecure endpoints abuse.

Databases include real usernames, descriptions from their profiles, usernames, and other information such as email address, year of birth and location data. Moreover, journalists confirm that the information is genuine.
The Gettr administration has yet to comment on the incident.

Recall that we talked about the fact that Cyber-bullies hacked the Donald Trump campaign official website and that SolarWinds Attack Gives Hackers Access to Trump Administration Officials Accounts.