Right-wing social media network Gab appears to have suffered an extensive data breach. According to Wired, a self-proclaimed hacktivist who goes by the handle “JaXpArO” obtained more than 70GB of data on the platform’s users through a SQL injection vulnerability. The dataset includes approximately 40 million posts from more than 15,000 Gab users, including accounts linked to Representative Marjorie Taylor Greene, My Pillow CEO Mike Lindell and Alex Jones. JaXpArO shared the trove with Distributed Denial of Secrets (DDoSecrets), a WikiLeaks-like advocacy group that plans to selectively share the database with journalists and researchers.
"It's another gold mine of research for people looking at militias, neo-Nazis, the far-right, QAnon, and everything surrounding January 6th," DDoSecrets cofounder Emma Best told Wired. "It contains pretty much everything on Gab, including user data and private posts, everything someone needs to run a nearly complete analysis on Gab users and content."
When reports of the hack first started to circulate online, Gab published a blog post on Friday denying that it had suffered a data breach. “We do not currently have independent confirmation that such a breach has actually taken place and are investigating,” the company said at the time. “If the alleged breach has taken place as described, your passwords have not been revealed.”
On Sunday evening, however, CEO Andrew Torba said "mentally ill" hackers were attacking Gab. He went to claim his account and that of Donald Trump were among those that had been compromised in the hack. While there is a “realdonaldtrump” account on Gab, as The Verge points out it doesn’t appear to be actually associated with the former president. DDoSecrets told Wired it hasn’t attempted to crack any of the hashed passwords included in the database, nor has it tried testing the plaintext ones.