Security researchers claims downloading 70TB of sensitive Parler data

Parler has been booted off by Amazon from its AWS cloud platform while Apple and Google have already suspended its apps from their respective app stores. As a result, Parler’s apps and website have been offline since Monday morning.

Parler Goes Offline

 A right-wing social network called Parler went offline earlier this Monday morning after Apple, Amazon, and Google booted the platform. The network was used to plan the storming of the US capital the previous week.

Now it is hit by a massive data scrape as security researchers collected massive data reserves before it went offline. The app was much popular among supporters of Donald Trump.

80 TB Worth of Data Downloaded

Security researchers claim that they downloaded around 70 to 80 TB data comprising exclusive posts, photos, videos, and messages from the January 6 attack, before Amazon Web Services and multiple other tech firms de-platformed the service. The data is now being distributed online.



Parler’s System alleged Allowing to Create Admin Accounts

A researcher using the alias donk_enby, who first announced the data scrape, posted on Twitter that most researchers found out about Parler’s seizure after details of its security partner Okta was revealed online by a B2B messaging service provider Twilio.

According to Cyber News, soon after security researchers started creating accounts as admin users in Parler’s system since its phone and email verification services weren’t working anymore. Researchers overrode the app’s communication tools and managed to log into accounts.

Although yet unverified, a Reddit post claims that afterward, the researchers gained administrator access and created new admin accounts. They used the new accounts to download data dumps and creating a Parler Tracker.

Millions of Videos, Posts, and Other Data Exposed

Donk_enby wrote that more than a million video URLs, including private data, are part of the data dump. It also included deleted posts because instead of removing the post, Parler removed the pointer to that post to make it inaccessible to users.



Verified Citizens’ Data At Risk

Security researchers claim that the scrapped data is linked to the accounts which posted it. Some of the images and videos also contain geolocation information. Data from Parler’s Verified Citizens refers to the users who had verified their identity by uploading their government-issued ID pictures, such as their driver’s license.

Researchers revealed that images and video data still contain the EXIF data, including metadata of date, time, and location.

 

The data is still being processed. However, Trump supporters have already started voicing their concerns regarding the consequences of such large-scale data exposure.

Moreover, it could potentially reveal their last week’s activities in Washington D.C. law enforcement can use this data to identify those who participated in the violent attack on the capital city on January 6th.

You may also like...