Beleaguered social networking site Gab was breached on Monday, marking the second time in as many weeks that hackers have gained unauthorized access to a platform that caters to users pushing hate speech and pro-Trump conspiracy theories.
The compromise came to light after someone hijacked the account of Gab founder and CEO Andrew Torba and left a post criticizing him for not paying an 8 bitcoin ransom for the safe return of documents used to verify the identity of some users. The unknown hacker also accused Torba of failing to disclose the full extent of the earlier breach.
Gab quickly took the site offline and removed the post, but not before it was archived here. When the service was restored a few hours later, Torba posted a statement saying that Monday’s breach was the result of site administrators failing to revoke OAuth2 bearer tokens, which browsers and mobile apps store after a user has successfully logged in to a site.