Welcome to DU!
The truly grassroots left-of-center political community where regular people, not algorithms, drive the discussions and set the standards.
Join the community:
Create a free account
Support DU (and get rid of ads!):
Become a Star Member
Latest Breaking News
General Discussion
The DU Lounge
All Forums
Issue Forums
Culture Forums
Alliance Forums
Region Forums
Support Forums
Help & Search
More on the Parler Hack. (Miscellaneous chaos)
Parler has been compromised. DM's as well as SSN's and other ID leaked (twitter.com/kevinabosch)
4 points by fooey 37 minutes ago | hide | past | favorite | 6 comments
fooey 36 minutes ago [–]
Here's an additional source with an ENV dump
Link to tweet
reply
slondr 21 minutes ago [–]
Am I missing something? I don't see anything about SSNs here
reply
newacct583 10 minutes ago [–]
Someone posted a link to a Parler influencer agreement document which said they would ask for things like government IDs. It's entirely unclear if they ever took that data or if was available via this database. But... yeah, this is the whole Parler site it looks like.
reply
ev1 25 minutes ago. [–]
Why in the absolute fuck is Parler requesting any form of PII/PCI data?
reply
fooey 22 minutes ago. [–]
For "Verified" accounts
reply
https://news.ycombinator.com/item?id=25203846
Link to tweet
Text: BREAKING: There was just a #parlerhack, this was publicly available and unencrypted on their public API endpoint. Not sure what they've changed yet, although expect a ton of data shortly, we will post updates. #ParlerLeaks
Link to something called an ENV Dump (DU computer and tech experts needed here!)
https://archive.ph/Mll5H
Sample from the ENV Dump:
# Database Configuration
define( 'DB_NAME', 'wp_parler' );
define( 'DB_USER', 'parler' );
define( 'DB_PASSWORD', 'hIP9PEV6u1GXfG4F8jEA' );
define( 'DB_HOST', '127.0.0.1' );
define( 'DB_HOST_SLAVE', '127.0.0.1' );
define('DB_CHARSET', 'utf8');
define('DB_COLLATE', '');
$table_prefix = 'wp_';
# Security Salts, Keys, Etc
define('AUTH_KEY', '@,*9_voP3sKC3z&&P}[(-h2#UOM_0]*[02%]MW:h7}L,G.IN1j@bKY0ohOqH');
define('NONCE_KEY', 'E@V!WK#Z0h%ZRs5dRg?7!orCFbGAUWLXxf3|:55g(++`$CQVc53n7]U}}]ck5{;l');
define('AUTH_SALT', '+!5MfxQ7]x >FNiuS|/c:nX yG=ksoW)+jZbgjogXQar)*,&HY>{|*v8pBA;$|-w');
define('SECURE_AUTH_SALT', '+bq>0u,c^1#[7l1#|R+7-[;$iw>3sQ@N|^l>x7-eci(>}');
# Localized Language Stuff
define( 'WP_CACHE', TRUE );
define( 'WP_AUTO_UPDATE_CORE', false );
define( 'PWP_NAME', 'parler' );
define( 'FS_METHOD', 'direct' );
define( 'FS_CHMOD_DIR', 0775 );
define( 'FS_CHMOD_FILE', 0664 );
define( 'PWP_ROOT_DIR', '/nas/wp' );
define( 'WPE_APIKEY', 'a1495db2888c2a21d556a9d9d0617935fbb5be57' );
define( 'WPE_CLUSTER_ID', '151738' );
define( 'WPE_CLUSTER_TYPE', 'pod' );
define( 'WPE_ISP', true );
define( 'WPE_BPOD', false );
define( 'WPE_RO_FILESYSTEM', false );
define( 'WPE_LARGEFS_BUCKET', 'largefs.wpengine' );
21 replies
= new reply since forum marked as read
= new reply since forum marked as read
I didn’t know you were one of those who joined.
I was thinking of some others, but at any rate, that’s good to hear that no one was giving SSN info etc.
These “reports” of a hack all seem to imply that people had to provide extensive personal info.
What is PCI and PII data?
Two key areas of data compliance revolve around Payment Card Industry (PCI) and Personally Identifiable Information (PII). ... PII data includes such things as social security numbers, date of birth, personal health information, and other data that can identify an individual.
Two key areas of data compliance revolve around Payment Card Industry (PCI) and Personally Identifiable Information (PII). ... PII data includes such things as social security numbers, date of birth, personal health information, and other data that can identify an individual.
https://sherpasoftware.com/blog/finding-pci-pii-in-your-organization/
I didn't know either; I had to look it up.
chmod 777 so they could get around easily.
Thank you...
