Good morning to everyone who has no fear that a nation-state actor has seized evidence of criminal activities from their parler account.

:blobpats:

hmm, wonder if the asshats at parler are going to notify their users that there has been a serious data breach as is required under the GDPR...they only have a few days to comply iirc

Show thread
Follow

@kemonine archiveteam scraped them before they went down and got ~70TB of data, including unredacted exif data and, from what I'm hearing, photo IDs

@djsundog holy crap ; how'd archive team get that kind of data? IIRC they skew to only publicly accessible info and link webs

@kemonine @djsundog My understanding of the reporting is that Archive Team wasn't involved as such - it was just their software that was being used to scrape the data.

Apparently the attackers created lots of admin accounts that were then used to access whatever was reachable to those.

@kemonine They were booted by their authentication service, and apparently some of their backend wasn't prepared to deal with the failure modes resulting from that. From what I've read, the password reset function just accepted any new password, which was used to gain initial access to an account with admin privileges.

@djsundog

Sign in to participate in the conversation
reclaim.technology

The social network of the future: No ads, no corporate surveillance, ethical design, and decentralization! Own your data with Mastodon!