An established cybercrime group with a track record of attacking political targets posted on Tuesday roughly two gigabytes of data from the Heritage Foundation, a prominent conservative think tank based in Washington, D.C.

Self-described “gay furry hackers,” SiegedSec said it released the data in response to Heritage Foundation’s Project 2025, a set of proposals that aim to give Donald Trump a set of ready-made policies to implement if he wins this fall’s election.

The data includes the “full names, email addresses, passwords, and usernames” of people associating with Heritage, vio said, including users with U.S. government email addresses.

The attack was carried out as part of SiegedSec’s “OpTransRights,” campaign, which has previously included the defacement of government websites and data theft from states either considering or implementing anti-abortion or anti-trans legislation.

SiegedSec, which emerged on Telegram in April 2022, has also targeted various NATO portals, the city of Fort Worth and a company involved in the monitoring of offshore oil and gas facilities.

  • TheDoctor [they/them]@hexbear.net
    link
    fedilink
    English
    arrow-up
    59
    ·
    4 months ago

    Here’s the relevant message:

    final hack~

    over the past 7 days, we have released a hack every day, from NATO to Israel, we attacked many. we have one more gift for you all, its one minute till midnight so i’ll start the show~

    we hacked The Heritage Foundation :3 (holy moly!!!) The Heritage Foundation is a conservative think tank in America, among the most influential public policy organizations. this organization is responsible for leading Project 2025, an authoritarian Christian nationalist plan to reform the United States government.

    Project 2025 threatens the rights of abortion healthcare and LGBTQ+ communities in particular. so of course, we won’t stand for that! -

    we have gained access to The Heritage Foundation’s database, with user data, logs, and other juicy info :D we also accessed 200GB+ of other, mostly useless, files in their server. these useless files wont be leaked.

    mew mew i wonder what would happen if we leaked the passwords, email addresses, and full names of every user :3 every US government employee, even the Heritage president Kevin Roberts.

    be gay do crime~

    LEAK: https://mega.nz/file/cD8mHRjD#YGxykiDiQMdvMz1SneiwPL6zTDBhs8rTxtUwQ9lEujM

    thank you to verty for greatly helping with this hack!

    dear heritage foundation,

    get in touch with us! we will make fun of you endlessly :3

    [email protected]

    signal: cybercrimecat.69

    love, gay furry hackers <3

    #OpTransRights

    thank you everyone who has supported us. we have an important announcement coming soon.

    • roux [he/him, they/them]@hexbear.net
      link
      fedilink
      English
      arrow-up
      22
      ·
      edit-2
      4 months ago

      My ass reinstalling dbeaver for some unknown reason…

      E: I glanced at it in a text editor but the file is so big it crashed. It has info from as far back as at least 2008. User’s seemingly IRL names, email addresses, IP addresses, and at least states they are in(as stated in the OP). Pretty fun stuff. I might actually try and get dbeaver set up for it later because it’s hard to parse in plain text.

        • Dr. JenkemA
          link
          fedilink
          English
          arrow-up
          9
          ·
          4 months ago

          Gamers need to bust out those fancy GPUs and start running hashcat. A lot of these reactionaries are probably using shit passwords, I bet a bunch can be cracked with dictionary attacks.