Parler has apparently been hacked big-time. VoxDay has the story.
I did not and would not sign up for any social media service that wanted both my telephone number and my driver’s license. In this day and age, there is no reason to provide such important information to potentially compromised entities like Parler. An email to verify registration? OK. A cell number for two-factor authentication? I understand why you would want that for security purposes. But a driver’s license? Are you kidding me?
A group of developers latched onto the Press Release that Twilio put out at midnight last night. In that Press Release, Twilio accidentally revealed which services Parler was using. Turns out it was all of the security authentications that were used to register a user. This allowed anyone to create a user, and not have to verify an email address, and immediately have a logged-on account.
Well, because of that access, it gave them access to the behind the login box API that is used to deliver content — ALL CONTENT (parleys, video, images, user profiles, user information, etc) –. But what it also did was revealed which USERS had “Administration” rights, “Moderation” rights.
Well, then what happened, those user accounts that had Administration rights to the entire platform… The hackers, internet warriors, call it what you will, was able to use the forgot password link to change the password. Why? Because Twilio was no longer authenticating emails. This meant, they’d get directly to the reset password screen of that Administration user.
This group of Internet Warriors then used that account, to create a handful of other ADMINISTRATION accounts, and then created a script that ended up creating MILLIONS of fake administration accounts.
Vice, which is not exactly a patriot friendly site, also reports on the story and gives away the real reason for the hack.
“Bad news. Left extremists have captured and archived over 70TB of data from Parler servers. This includes posts, personal information, locations, videos, images, etc,” a Telegram account called North Central Florida Patriots said on Monday morning.
The intent is a mass dox and a list to hold patriots ‘accountable’. It is too late to scrub your data, and it’s already archived. There is nothing you can do to prevent what’s already happened. All you can do is prepare for the fallout. Accountability may come in many forms for our free speech, doxing, jobs might be called, addresses leaked and people coming to your house, etc.”
