SiegedSec, a collective of self-proclaimed “gay furry hackers,” has claimed credit for breaching online databases of the Heritage Foundation, the conservative think tank that spearheaded the right-wing Project 2025 playbook. SiegedSec released a cache of Heritage Foundation material as part of a string of hacks aimed at organizations that oppose transgender rights, although Heritage disputed that its own systems were breached.
In a post to Telegram announcing the hack, SiegedSec called Project 2025 “an authoritarian Christian nationalist plan to reform the United States government.” The attack was part of the group’s #OpTransRights campaign, which recently targeted right-wing media outlet Real America’s Voice, the Hillsong megachurch, and a Minnesota pastor.
In his foreword to the Project 2025 manifesto, the Heritage Foundation’s president, Kevin Roberts, rails against “the toxic normalization of transgenderism” and “the omnipresent propagation of transgender ideology.” The playbook’s other contributors call on “the next conservative administration” to roll back certain policies, including allowing trans people to serve in the military.
“We’re strongly against Project 2025 and everything the Heritage Foundation stands for,” one of SiegedSec’s leaders, who goes by the handle “vio,” told The Intercept.
In its Telegram post, SiegedSec said it obtained passwords and other user information for “every user” of a Heritage Foundation database, including Roberts and some U.S. government employees. Heritage Foundation said in statement Wednesday that SiegedSec only obtained incomplete password information.
The remainder of more than 200GB of files the hackers obtained were “mostly useless,” SiegedSec said.
The Intercept reviewed copies of files provided to the transparency collective Distributed Denial of Secrets. They included an archive of the Heritage Foundation’s blogs and a Heritage-aligned media site, The Daily Signal, as of November 2022.
This is at least the second hack against the Heritage Foundation this year. In April, Heritage shut down its network following a cyberattack tentatively attributed to nation-state hackers. SiegedSec targeted the Heritage Foundation in early June, according to vio, who denied involvement in the earlier attack.
A spokesperson for the Heritage Foundation said Wednesday that the files were not obtained by hacking its systems, but that SiegedSec discovered them on a third party’s site.
“An organized group stumbled upon a two-year-old archive of The Daily Signal website that was available on a public-facing website owned by a contractor,” said Noah Weinrich, a Heritage spokesperson. “No Heritage systems were breached at any time, and all Heritage databases and websites remain secure, including Project 2025. The data at issue has been taken down, and additional security steps have since been taken as a precaution.”
SiegedSec’s other recent operations have targeted NATO and Israeli companies to oppose the war in Gaza.
Update: Wednesday, July 10, 6:36 p.m. ET
This article was updated to include comment from the Heritage Foundation disputing that the files released by SiegedSec were the result of a hack of its systems and were hosted instead on a third party’s website.
Contact the author:
Related
Latest Stories
Israel’s War on Gaza
The Israeli Army Warned Them About the Wrong Building. Then an Airstrike Killed Three Journalists.
A monthslong investigation unpacks a false warning and an Israeli airstrike in the deadliest war for journalists on record.
Israel’s War on Gaza
Dozens of Lawmakers Are Protesting Netanyahu — but Have Little to Say About Israel’s Systemic Abuses of Palestinians
Most lawmakers explained their boycott by focusing on the Israeli prime minister himself as a bad actor, rather than the system he represents.
As Republicans’ 2024 Strategy Is Upended, Poll Shows Nebraska Senate Seat May Be Up for Grabs
A recent poll shows Dan Osborn, a UAW-backed Nebraska independent underdog, tied with Republican incumbent Sen. Deb Fischer.