The badges corresponded with a tag in the database, which allowed investors to be looked at in detail. Users who invested $200 could display a “Gab investor badge” on the site. The 2017 share offering, for example, required a minimum investment of $199.10, and rewarded investors who contributed a greater amount with “perks”. Gab investors contributed in one of three share offerings and one convertible note, a form of short-term debt that converts into equity, according to its financial reporting. The leaked files contained what appears to be a database of over 4.1 million registered users on the site and tags identifying subscribers as “investors”, “verified” users and “pro” users. He did not respond to the Guardian’s request for comment on its content. Torba acknowledged the vulnerability and the breach in a statement released following the leak but did not comment on the authenticity of the data or particular content.
The data was not publicly released, but was offered selectively to reporters and activists by the transparency organization Distributed Denial of Secrets. News of the initial breach was first reported by Wired magazine on 28 February, after reports about it had been circulating online. People hug on the sidewalk outside the Tree of Life synagogue in Pittsburgh on 27 October, the second anniversary of the shooting. And they mark hundreds of active users on the site as “automated”, appearing to indicate administrators knew the accounts were bots but let them continue on the platform regardless.įinally, the data appears to contain direct messages between the Gab CEO, Andrew Torba, and a user who has been identified as a high-profile QAnon influencer, showing the entrepreneur seeking direct feedback on site design from a member of a group that promotes a “spiderweb of rightwing internet conspiracy theories with antisemitic and anti-LGBTQ elements”, according to the Southern Poverty Law Center. They also appear to give an overview of verified users of the platform, including prominent rightwing commentators and activists. The user lists appear to mark 500 accounts, including neo-Nazis, QAnon influencers, cryptocurrency advocates and conspiracy theorists, as investors. The breach, news of which first emerged in late February, allowed hackers to extract Gab databases that appear to show user accounts and a history of public posts and direct messages.
A data breach at the fringe social media site Gab has for the first time offered a picture of the user base and inner workings of a platform that has been opaque about its operation.