Alleged Data Breach – 26 February 2021 Andrew Torba, February 26, 2021February 26, 2021 Share this: Today we received an inquiry from reporters about an alleged data breach. We have searched high and low for chatter on the breach on the Internet and can find nothing. We can only presume the reporters, who write for a publication that has written many hit pieces on Gab in the past, are in direct contact with the hacker and are essentially assisting the hacker in his efforts to smear our business and hurt you, our users. The reporter, without providing us with any evidence of the breach or assistance to identify its veracity, alleged that an archive of Gab public posts, private posts, user profiles, hashed passwords for users, DMs, and plaintext passwords for groups have been leaked via a SQL injection attack. We were aware of a vulnerability in this area and patched it last week. We are also proceeding to undertake a full security audit. We do not currently have independent confirmation that such a breach has actually taken place and are investigating. Much of this information (in particular Gab public posts and public user profiles) is already public. It is standard practice for passwords to be hashed. If the alleged breach has taken place as described, your passwords have not been revealed. For groups, where passwords are meant to be shared for users to join with, we do not encrypt this information as is noted in our group creation interface. DMs were only live for a few weeks and are not currently a feature supported by the site, so if a breach has in fact occurred in that domain we expect the number of affected accounts to be low. Gab collects very little from our users in terms of personal information. It is entirely possible for a user of the site to be unidentifiable based on the information they provide at login. In our subscriber records we do not collect health or financial information; we do not collect dates of birth; we do not collect social security numbers; we do not collect telephone numbers; we do not track user searches, queries or browsing history; we do not check who owns an e-mail address before setting up an account (and, in this instance, we have no indication that e-mail addresses were compromised.) Every major tech company – from Facebook to Twitter – has been the target of multiple and continued data breaches. We collect very little personal data so that, in the event of a data breach, the effect on our users will be minimized. As we learn more about this alleged breach, we will notify the community publicly with our findings as required by law. Andrew TorbaCEO, Gab.comJesus is King Uncategorized
Uncategorized Gab.com’s Statement on Today’s Events in Washington, D.C. January 6, 2021January 6, 2021 Share this:Today, the New York Times wrote an article attempting to place the blame for today’s events in D.C. on social media sites like Gab: “On social media sites requested by the far-right, such as Gab…. directions on which streets to take to avoid the police and which tools to bring… Read More
Uncategorized Gab’s Response To The ADL and CNN January 13, 2021January 13, 2021 Share this:Gab has had regular contact with US federal law enforcement for years to ensure our platform is not used for unlawful purposes. Public safety is our top priority. Read More
Uncategorized Their Silly Shame Words Aren’t Working Anymore October 20, 2021October 20, 2021 Share this:For God has not given us a Spirit of Fear, but of power and love and a sound mind. Therefore do not be ashamed of the testimony of our Lord. 2 Timothy 1:7-8 Read More