It appears that the researchers were able to collect this information before AWS removed Parler from its platform.
Parler data was captured before it was removed by AWS
Security researchers claim to have downloaded a huge amount of information from Parler before the service was taken offline by Amazon Web Services. The app, which was popular with many supporters of US President Trump, contained many posts, photos, and videos from the January 6 attack, and after the social network got deplatformed by multiple tech companies (including Google Play, Apple's App Store, and AWS) this information would have been lost forever. However, before that happened, security researchers claimed to have downloaded and leaked around 70TB of data from Parler, which is being distributed online.
On Twitter, a researcher going by donk_enby posted about capturing data from Parler. According to them, a press release from Twilio, a B2B messaging provider, revealed the details of Parler's security partner Okta, which also said it will not support Parler.
Update - Twilio's corporate communications team replied to Gadgets 360 to state that it had no involvement in the breach of Parker's data. The company said: "With regards to reports of cyber security issues Parler experienced and have been attributed to Twilio, our security team investigated the claims and found no evidence indicating their security issues were related to Twilio or our products. Per our Website, Twilio has not issued any press releases pertaining to or referencing Parler." The full statement from Twilio is pasted at the end of this article.
Soon others found that Parler's phone and email verification were no longer working, and that it was possible to create accounts in Parler's system, as admin users. A Reddit post explained this in more detail — essentially, the Forgot password link would normally require verification. But because Parler's communications tools were not working, researchers were able to override this and log into accounts. And once they were able to log into accounts with administrator access, they were able to create new accounts, also with administrator access. These accounts were then used to take data dumps from Parler through crowdsourcing here, creating a 'Parler tracker'.
This is not fully verified — there's no clear explanation about whether these services being down is what led to Parler being compromised. It also mentions a press release from Twilio which, as the company now stated, does not exist. However, huge amounts of data that appear legitimate are being shared — it's possible that the researchers have obfuscated the way it was compromised for security reasons.
However, according to the researchers, the data including deleted posts, because (according to their Twitter post) Parler did not actually delete posts when they were removed, but simply removed the pointer to that post. This is actually a fairly common practice in many scenarios, as the data is for all practical purposes “inaccessible” to users while doing this.
According to the security researchers, video and image data still has EXIF data (metadata of things like time, date, and location), and some of the other data they've been able to gather is the Verified Accounts documents — on Parler, users that are verified have done so by uploading photos of their government IDs.
The researchers said that this data could be useful to law enforcement who want to identify the people that took part in the violence in Washington on January 6.
Update - Twilio's full statement is reproduced below:
With regards to reports of cyber security issues Parler experienced and have been attributed to Twilio, our security team investigated the claims and found no evidence indicating their security issues were related to Twilio or our products. Per our Website, Twilio has not issued any press releases pertaining to or referencing Parler. Furthermore, Parler was using Twilio to send out identity verification codes for new downloads or password resets. Once a user was verified, security protocols were independently handled by Parler and did not involve Twilio or its products. On Friday, January 8th, we sent Parler a letter informing them they were in violation of our Acceptable Use Policy and notifying them that we would suspend their account if they did not make efforts to remediate multiple calls for violence on their platform. Shortly after receiving our letter, Parler informed us they had already turned off their integration with Twilio. Any cyber security issues experienced by Parler were completely unrelated to Twilio or any of its products.
Get your daily dose of tech news, reviews, and insights, in under 80 characters on Gadgets 360 Turbo. Connect with fellow tech lovers on our Forum. Follow us on X, Facebook, WhatsApp, Threads and Google News for instant updates. Catch all the action on our YouTube channel.