November 2020 Parler Hack

Part of a series on Parler. [View Related Entries]

PROTIP: Press 'i' to view the image gallery, 'v' to view the video gallery, or 'r' to view a random entry.

This submission is currently being researched & evaluated!

You can help confirm this entry by contributing facts, media, and other evidence of notability and mutation.

Overview

The Parler Hack refers to an unconfirmed security breach of the social media website Parler, a micro-blogging platform similar to Twitter that is popular with conservatives. The supposed leak occurred on November 24th, 2020, with some on Twitter saying that a host of user information, including direct messages and social security numbers, leaked as a result of the hack. However, others confirmed that the list was from a previous data breach. Parler CEO John Matze claims the hack never took place.

Background

On November 24th, 2020, people online began spreading news of a hack at the social media site Parler. The earliest available post about the supposed hack occurred that day on Twitter, ^[1] when user @MattyLanza tweeted, "Parler has been hacked. Alot of pus is gonna start oozing out of that boil. #Parler #ParlerHack" (shown below).

matt @MattyLanza Parler has been hacked. Alot of pus is gonna start oozing out of that boil. #Parler #ParlerHack 2:00 PM · Nov 24, 2020 · Twitter for Android 1.

That day, data scientist Kevin A. Bosch tweeted,^[2] "I've seen what looks like legit proof of 5,000 compromised Parler accounts including DM's of some well-known figures. Hackers decompiled the app, zero day exploit.. I wish I could unsee what I've seen." The user later deleted the tweet (shown below).

Kevin Abosch @kevinabosch I've seen what looks like legit proof of 5000 compromised Parler accounts including DM's of some well-known figures. Hackers decompiled the app, zero day exploit etc.. I wish I could unsee what I've seen. 3:50 PM · 24 Nov 20 · Twitter Web App >

Developments

Online Reaction

That day, news of the leak went viral. Twitter account @CopingMAGA tweeted,^[3] "BREAKING: There was just a #parlerhack, this was publicly available and unencrypted on their public API endpoint. Not sure what they've changed yet, although expect a ton of data shortly, we will post updates. #ParlerLeaks." The tweet included a screenshot of a selection of the data supposedly released. The post received more than 3,400 likes and 1,100 retweets in less than 24 hours (shown below, left).

Writer Mikael Thalen refuted the news on Twitter,^[4] stating that the information released comes from a previous leak. They wrote, "While there is an unconfirmed report of Parler being hacked, the screenshot circulating of a Parler database password is old. I looked into the database leak in July and confirmed thanks to @WhiskeyNeon that it was for a site not held on the same infrastructure as the main site." Thalen also corrected the rumor that Parler is based on WordPress.

BuzzFeed ^[5] writer Jane Lytvynenko criticized the original posting about the hack. They wrote, "The man who said "I wish I could unsee what I've seen" abt *unconfirmed* Parler hack has spread false/irresponsible info on Twitter before, if I remember right. Take care. As @MikaelThalen points out, screenshot floating around is from summer, not recent. Wait for verification." The post received more than 1,100 likes and 500 retweets in less than 24 hours (shown below, right).

$Coping MAGA @CopingMAGA ATAGA 000 BREAKING: There was just a #parlerhack, this was publicly available and unencrypted on their public API endpoint. Not sure what they've changed yet, although expect a ton of data shortly, we will post updates. #ParlerLeaks archive.today Saved from https://home.parler.com/1 search 17 Jul 2020 19:40:05 UTC no other snapshots from this url webpage capture Redirected from http://home parler.com/1 no other snapshots from this url All snapshots from host home parler.com Webpage Screenshot O share O download zip report bug or abuse donate 0% <?php # Database Configuration define( 'DB_NAME, 'wp_parler' ); define( 'DB_USER', 'parler' ); define( 'DB_PASSSWORD", 'hIP9PEV6u1GXfG4F8jEA' ); define( 'DB_HOST', '127.0.0.1' ); define( 'DB_HOST_SLAVE', '127.0.0.1' ); define('DB_CHARSĒT', 'utf8'); define('DB_COLLATE', '); $table_prefix = 'wp_'; # Security Salts, Keys, Etc 10% define('AUTH_KEY', define('SECURE_AUTH_KEY', define('LOGGED_IN_KEY', define('NONCE_KEY", define ('AUTH_SALT', define ('SECURE_AUTH_SALT', '+bq>ou,c^1#[711#|R+7-[;$iw>35Q@N|^l>x7-ec<N5p +|9ESD)D1T600tw! (x'); define('LOGGED_IN_SALT', define ('NONCE_SALT', "@, *9_voP3sKC3z&&P}[(-h2#UOM_0]*[®2%]MW:h7}L,G. IN1J@bKYoohoqH<, ?F' ); 'P.@=4N!!c{@#`7:gzJc{4E:`Cxtv* |MJI%)İY/ck8M^_:deE^eqy *Tw{qV/ Im* ?'); '6n[E;I, *v7}~IgN; Rm-1FK10Z!eg(pwz9*[|1R]j-j&#YAVY[y; eNp rK/309N>'); 'E@V! WK#Z@h%ZRs5dRg?7!orCFbGAUNLXxf3|:55g(++`$CQve53n7]u}}]ck5{;l'); '+! 5MfxQ7]x >FNius|/c:nx yG=ksow)+jzbgjogXQar)*,&HY>{| *v8pBA;$i-w'); " $A|fycz&k^-(25xb/mjyd/Mj9}n e|MhiTS+I?-,^.$Di);fr<3s&uP| 2&C-_M&2'); "V6+vw2U1|12XX5IU*O-Quq|o+LOQp4ckfT{=KbYoi Th6)6~)e~f5dDR>l#>i(>}'); # Localized Language Stuff define( 'WP_CACHE', TRUE ); 20% define( 'WP_AUTO_UPDATE_CORE ', false ); define( 'PWP_NAME', 'parler' ); define( 'FS_METHOD', 'direct'); define( 'FS_CHMOD_DIR', 0775 ); define( 'FS_CHIHOD_FILE', 0664 ); define( 'PWP_ROOT_DIR', '/nas/wp' ); 30% define( 'WPE APIKEY', 'a1495db2888c2a21d556a9d9d0617935fbb5be57' ); define( 'WPE_CLUSTER_ID', '151738' ); define( 'WPE_CLUSTER_TYPE', 'pod' ); define( "WPE_ISP', true ); define( 'WPE_BPOD', false ); 2:22 PM · Nov 24, 2020 · TweetDeck$

Mikael Thalen @MikaelThalen · 18h 00 While there is an unconfirmed report of Parler being hacked, the screenshot circulating of a Parler database password is old. I looked into the database leak in July and confirmed thanks to @WhiskeyNeon that it was for a site not held on the same infrastructure as the main site. twitter.com/kevinabosch/st... This Tweet is unavailable. 13 17 243 454 Mikael Thalen @MikaelThalen · 18h 00 As you can see in an archived version of the configuration file, the page was discovered as early as July of this year. This isn't to deny that a hack may have taken place, but that this screenshot is almost certainly unrelated. https://home.parler.com/1 archived 17 Jul 2020 19:40:05 UTC S archive.ph 2 27 8 61 I Mikael Thalen @MikaelThalen · 18h The leaked database was linked to a WordPress page that Parler seemingly used for blog posts and announcements. It would not have hosted user data. The main Parler site is not based on WordPress. 4 27 15 55

Jane Lytvynenko 000 @JaneLytv The man who said "I wish I could unsee what I've seen" abt *unconfirmed* Parler hack has spread false/irresponsible info on Twitter before, if I remember right. Take care. As @MikaelThalen points out, screenshot floating around is from summer, not recent. Wait for verification. 3:42 PM · Nov 24, 2020 · Twitter Web App

Parler Response

That day, Parler CEO John Matze posted to the site that the circulating screenshot is from months ago.^[6] He called the rumor "irresponsible" and refuted rumors that Parler requested users' social security numbers for verification. They wrote:

The alleged “Parler hack” is a screenshot from a WordPress website that has been circulated repeatedly over the past 6 months, despite Parler’s multiple responses that we do not use WordPress products, nor WordPress databases. All of our databases are hidden behind multiple layers of security and are not accessible via the web. This is an irresponsible rumor which uses a “techie” looking WordPress config file which is only capable of confusing a journalistic hack, not an actual hacker. If Twitter continues to fact check others, they should also fact check posts such as these that spread viral misinformation.

Furthermore, we don’t store any personal data, user verification data is deleted on completion, and direct messages cannot send videos/images. All allegations are fake. They are just obsessed with us.

John Matze ·@John 16 hours ago · O 1977663 The alleged "Parler hack" is a screenshot from a WordPress website that has been circulated repeatedly over the past 6 months, despite Parler's multiple responses that we do not use WordPress products, nor WordPress databases. All of our databases are hidden behind multiple layers of security and are not accessible via the web. This is an irresponsible rumor which uses a "techie" looking WordPress config file which is only capable of confusing a journalistic hack, not an actual hacker. If Twitter continues to fact check others, they should also fact check posts such as these that spread viral misinformation. Furthermore, we don't store any personal data, user verification data is deleted on completion, and direct messages cannot send videos/images. All allegations are fake. They are just obsessed with us. 2488 7499 24079

Search Interest

External References

^[1] Twitter – @MattyLanza's Tweet

^[2] Imgur – Cache

^[3] Twitter – @CopingMAGA's Tweet

^[4] Twitter – @MikaelThalen's Tweet

^[5] Twitter – @JaneLytv's Tweet

^[6] Parler – John Matze's Post

Recent Videos

There are no videos currently available.

+ Add a Video

Recent Images 6 total

November 2020 Parler Hack Uploaded by Matt	November 2020 Parler Hack Uploaded by Matt	November 2020 Parler Hack Uploaded by Matt	$Coping MAGA @CopingMAGA ATAGA 000 BREAKING: There was just a #parlerhack, this was publicly available and unencrypted on their public API endpoint. Not sure what they've changed yet, although expect a ton of data shortly, we will post updates. #ParlerLeaks archive.today Saved from https://home.parler.com/1 search 17 Jul 2020 19:40:05 UTC no other snapshots from this url webpage capture Redirected from http://home parler.com/1 no other snapshots from this url All snapshots from host home parler.com Webpage Screenshot O share O download zip report bug or abuse donate 0% <?php # Database Configuration define( 'DB_NAME, 'wp_parler' ); define( 'DB_USER', 'parler' ); define( 'DB_PASSSWORD", 'hIP9PEV6u1GXfG4F8jEA' ); define( 'DB_HOST', '127.0.0.1' ); define( 'DB_HOST_SLAVE', '127.0.0.1' ); define('DB_CHARSĒT', 'utf8'); define('DB_COLLATE', '); $table_prefix = 'wp_'; # Security Salts, Keys, Etc 10% define('AUTH_KEY', define('SECURE_AUTH_KEY', define('LOGGED_IN_KEY', define('NONCE_KEY", define ('AUTH_SALT', define ('SECURE_AUTH_SALT', '+bq>ou,c^1#[711#\|R+7-[;$iw>35Q@N\|^l>x7-ec<N5p +\|9ESD)D1T600tw! (x'); define('LOGGED_IN_SALT', define ('NONCE_SALT', "@, 9_voP3sKC3z&&P}[(-h2#UOM_0][®2%]MW:h7}L,G. IN1J@bKYoohoqH<, ?F' ); 'P.@=4N!!c{@#`7:gzJc{4E:`Cxtv* \|MJI%)İY/ck8M^_:deE^eqy Tw{qV/ Im ?'); '6n[E;I, v7}~IgN; Rm-1FK10Z!eg(pwz9[\|1R]j-j&#YAVY[y; eNp rK/309N>'); 'E@V! WK#Z@h%ZRs5dRg?7!orCFbGAUNLXxf3\|:55g(++`$CQve53n7]u}}]ck5{;l'); '+! 5MfxQ7]x >FNius\|/c:nx yG=ksow)+jzbgjogXQar),&HY>{\| v8pBA;$i-w'); " $A\|fycz&k^-(25xb/mjyd/Mj9}n e\|MhiTS+I?-,^.$Di);fr<3s&uP\| 2&C-_M&2'); "V6+vw2U1\|12XX5IUO-Quq\|o+LOQp4ckfT{=KbYoi Th6)6~)e~f5dDR>l#>i(>}'); # Localized Language Stuff define( 'WP_CACHE', TRUE ); 20% define( 'WP_AUTO_UPDATE_CORE ', false ); define( 'PWP_NAME', 'parler' ); define( 'FS_METHOD', 'direct'); define( 'FS_CHMOD_DIR', 0775 ); define( 'FS_CHIHOD_FILE', 0664 ); define( 'PWP_ROOT_DIR', '/nas/wp' ); 30% define( 'WPE APIKEY', 'a1495db2888c2a21d556a9d9d0617935fbb5be57' ); define( 'WPE_CLUSTER_ID', '151738' ); define( 'WPE_CLUSTER_TYPE', 'pod' ); define( "WPE_ISP', true ); define( 'WPE_BPOD', false ); 2:22 PM · Nov 24, 2020 · TweetDeck$ November 2020 Parler Hack* Uploaded by Matt
November 2020 Parler Hack Uploaded by Matt	November 2020 Parler Hack Uploaded by Matt