Exploit: Hacking
Parler: Social Media Application
Risk to Small Business: 1.619 = Severe
Now-defunct social media site Parler had a wild ride to the finish, including a hacking incident. Hackers were able to exploit security weaknesses in engineering and security to gain access to the membership-restricted content, scraping at least 70 TB of data. The data scrape also includes deleted posts, meaning that Parler stored user data after users deleted it. The hackers also obtained URLs for over a million video URLs, some deleted and private.
Individual Risk: 1.221 = Extreme
Data was taken from Parler’s “Verified Citizens,” users of the network who verified their identity by uploading photographs of government-issued IDs, such as a driver’s license. The scrape includes user profile data, user information, and which users had administration rights for specific groups within the social network. Data like this could be used to mount spear phishing attacks, or as blackmail material, as it contains details that could connect users to criminal acts or membership in extremist groups.
Customers Impacted: 10 million
How it Could Affect Your Customers’ Business: Data like this often makes its way to the Dark Web, enabling it to be used to power cybercrime like phishing and credential compromise.