Right-wing site Gab responds to 'alleged' data breach

Gab acknowledged a security flaw last week but claims it can't confirm if there was a breach.

traffic_analyzer via Getty Images

The CEO of Gab — the right-wing haven that lost mainstream tech backing after violent attacks in 2018 — published a curious blog post denying that the company has suffered a data breach. While it mysteriously went offline for a short time a week ago, at the time it claimed the only problem was some kind of bitcoin wallet spam affecting only a few accounts.

Now Gab's CEO writes that the site was contacted by reporters about an alleged data breach that may have leaked an archive of posts, DMs, profiles and hashed passwords. The CEO says there's no independent confirmation a breach took place, and claims the site doesn't collect much personal information about its users anyway, but still accuses the unnamed reporters of working with a hacker to smear its reputation. Andrew Torba admits the site is aware it had a vulnerability to an SQL injection attack and patched the flaw last week, followed by a security audit that is still ongoing.

Where this all leads is hard to tell, but a reporter linked to DDoSecrets tweeted "Yes, we have the data" and promised more information "soon enough."