Cyber Incident Victim: GETTR

Date: Jul 2021

Location: United States of America

Summary

A pro-Trump social media platform experienced a data breach when hackers exploited unsecured APIs to scrape information from nearly 90,000 user accounts. The attackers initially accessed public profile data before leveraging another vulnerable API to obtain non-public details, including email addresses, birth years, and locations. This compromised dataset—containing both publicly visible elements like profile names and private user information—was subsequently shared on a hacking forum. While much of the leaked content was already accessible through user profiles, the exposure of sensitive personal identifiers increased risks of targeted attacks against affected individuals. Independent verification confirmed the validity of sampled account details within the dumped data.

Description

On or around July 6, 2021, the newly launched pro-Trump social media platform GETTR experienced a data breach involving unauthorized access to user information. A hacker exploited an unsecured application programming interface (API) to scrape data from 87,973 user accounts and subsequently published the stolen database on a prominent hacking forum. Cybersecurity researcher Alon Gal first identified the leaked data, which included both publicly accessible profile details and non-public personal information. The attacker initially targeted a vulnerable API to harvest public profile data before GETTR secured it, but another forum member later discovered a separate unsecured API that exposed additional private details. This secondary breach vector allowed access to users' email addresses and birth years—information not visible through normal profile browsing.

The compromised dataset contained users' email addresses, nicknames, profile names, birth years, profile descriptions, avatar URLs, background images, locations, personal website links, and internal platform metadata. While much of this information was publicly available on user profiles, the exposure of email addresses, birth years, and precise locations represented non-public data elements. BleepingComputer verified the authenticity of the breach by confirming account matches through random sampling of leaked email addresses. The publication of this data created risks for targeted phishing campaigns, as threat actors could leverage the private details to craft convincing fraudulent communications. GETTR did not issue a public statement in response to media inquiries about the breach at the time of reporting. Users were advised to remain vigilant against potential phishing attempts exploiting the leaked information, though the platform did not disclose any remediation steps taken beyond securing the initial API vulnerability.
