Parler backed up by multiple independent archivists before shutdown
Parler went offline sometime around midnight PST last night as Amazon Web Services discontinued hosting the platform, but users need not fear as multiple sources swooped in and grabbed 70+tb of data possibly using fake admin accounts. Details of the hack on reddit tend to indicate it was less to do with compromised admin accounts and more to do with extremely poor coding.
TL;DR – all Parler data probably compromised, if you were a “verified citizen” might want to contact a credit reporting agency and file a fraud alert.
Data that was saved (should sources be believed,) include all deleted posts, scanned identification, images, geolocation data, IP, logs, videos, etc. It appears to total of about 77TB worth of data pulled over the past few weeks from what I’ve been reading, although this source seems to indicate their Parler grabs were 70tb done over the previous day by thousands of people devoting bandwidth and a different method of illegally accessing the site.
If you were a Parler “verified citizen” be aware your government ID is potentially in the hands of anyone who wants it because Parler didn’t secure it. You can file a fraud alert at Equifax, Experian, and Transunion.
The ongoing weeks-long captures ones were not a sophisticated hack from what I’ve read, the one linked above from yesterday was more so if it’s to be believed. This was far too easy for the Parler social network to be penetrated and flipped.
While I got this via Twitter and a couple of chat groups, here’re some links to other articles.
Details of last night / yesterday’s events include (but I can’t verify,) that Parler lost Twillio as their 2FA provider, the account recovery and creation system broke, random users were able to create or fake admin accounts. Parler didn’t randomize endpoint numbers so all you had to do was count backwards to get any media on Parler served to you. Someone decompiled the Parler app and looked at the admin UI to tell if a user was an admin or not.
In other words, bad code, security practices, etc… this would have happened (and from what I’m told has been for weeks prior.)
Some security people I follow seem to indicate that it required no hacking beyond looking at how the Parler app recognized whether or not it was supposed to show you deleted/other content and creating a PHP page to just pull the data you were not supposed to be able to see by telling Parler you were a totally legit admin asking for the data.
Who knows… we’ll hear full details soon.
