Personal email addresses of more than 300 gold-badged – or verified – Parler accounts were publicly revealed in a marketing letter.
The right-wing social media platform has accidentally exposed the personal email addresses of its verified users, including investors, after its outreach team seemingly confused CC and BCC fields.
Workweek CEO Adam Ryan reported the leak on Twitter. In what he described as "media operations fail," VIP user addresses were exposed after being CC'd rather than BCC'd as intended.
"Now hundreds of people are replying and everyone has access to the personal emails of many verified users and Parler investors," Ryan said in a tweet.
Cybernews has reached out to Parler for comment.
"Monumental new chapter"
The email announced "an agreement in principle" to sell Parler to rapper and fashion designer Kanye West, who now goes by Ye. It said Parlement Technologies, the social platform's parent company, expected to complete the sale by the end of this year.
It described the deal as a "monumental new chapter" but said the platform's core mission would remain the same. It promised its VIPs would continue to be an "invaluable" part of Parler and communicate with the same outreach team – even though that might now be in question.
Parler did not provide more details about the deal with Ye. It was previously reported that the Nashville-based company raised $56 million in funding from external investors.
Ye's decision comes after Twitter and Instagram locked the rapper out of his accounts for expressing anti-Semitic views. He opened a Parler account on Monday.
"In a world where conservative opinions are considered to be controversial we have to make sure we have the right to freely express ourselves," Ye said in a statement announcing his proposal to buy the social network.
Role in Capitol attack
Parler, which markets itself as a "free speech" alternative to Twitter, gained notoriety after the US Capitol riots in January 2021. Apple and Google temporarily removed Parler from their app stores amid claims that it was used to organize the attack.
Following the riots, the platform was hit by a massive data scrape, with 70TB of Parler users' messages, videos, and posts leaked. The leak included deleted posts, which means the platform stored user data after they deleted it.
Those behind the scrape believed the retrieved data might prove valuable to law enforcement investigating the Capitol attack. It also raised ethical questions about the privacy of users who had nothing to do with it.
No proof was found that Parler was hacked in a conventional sense. Some security researchers attributed the breach to poor engineering and lack of testing on Parler's side, which, they said, facilitated the mass collection of archived data.
"The platform was inherently insecure and was leveraged in a group effort before being taken down," cybersecurity expert Matt Warner told Cybernews at the time.
More from Cybernews:
Subscribe to our newsletter