Well, that was fast. Just days after a Twitter clone from former Trump spokesperson Jason Miller launched, the new social network is already beset by problems.
For one, hackers quickly leveraged Gettr’s API to scrape the email addresses of more than 85,000 of its users. Usernames, names and birthdays were also part of the scraped data set, which was surfaced by Alon Gal, co-founder of cybersecurity firm Hudson Rock.
“When threat actors are able to extract sensitive information due to neglectful API implementations, the consequence is equivalent to a data breach and should be handled accordingly by the firm [and] examined by regulators,” Gal told TechCrunch.
Last week, TechCrunch’s own Zack Whittaker predicted that Gettr would soon see its data scraped through its API.
Threat actors were able to take advantage of bad API implemented on Trump’s recent social media platform, Gettr (@GettrOfficial).
This allowed them to extract usernames, names, bios, bdays, but most importantly, the emails which were supposed to be private, of over 85,000 users. pic.twitter.com/NsKyz9zHmQ
— Alon Gal (Under the Breach) (@UnderTheBreach) July 6, 2021
The scraped data is just one of Gettr’s headaches. The app actually went live in the App Store and Google Play last month but left beta on July 4 following a launch post in Politico. While the app is meant to appeal to the famously anti-China Trump sphere, Gettr apparently received early funding from Chinese billionaire Guo…