A collective of self-professed “gay furry hackers” breached databases at a nuclear research laboratory in Idaho this week and released thousands of human resources records. Their only ransom demand? The lab must begin a catgirl research program.
SiegedSec, the hacker collective that attacked government systems in five states earlier this year, claimed responsibility for infiltrating the Idaho National Laboratory (INL) in a Telegram post on November 16. According to its website, INL is one of the country’s largest nuclear research facilities and maintains the Advanced Test Reactor, which is used for both medical and military programs.
The records, which contain names, addresses, and Social Security numbers of employees and other users, were released through SiegedSec’s Telegram channel and confirmed to be authentic by the INL and East Idaho News.
“meow meow meow meow meow meow meow [...] woah so much crunchy data :3” SiegedSec wrote on Telegram. “we're willing to make a deal with INL. if they research creating irl catgirls we will take down this post.”
SiegedSec rose to prominence in 2022 with several hacks protesting the overturning of Roe v. Wade. The hacker collective has since claimed responsibility for breaching government and NATO computer systems, as well as those of private companies, including software company Atlassian. They said their attacks on state governments earlier this year were in retaliation to those states’ anti-transgender laws. Since October, the group has also embarked on what it calls #OpIsrael, claiming responsibility for a string of cyber attacks on Israeli satellites, industrial systems, and telecommunications companies.
“we wont [sic] be stopping any time soon ;3” the group wrote on Telegram earlier this month after announcing a hack of Israeli telecom giant Cellcom. “ain't been caught yet, we ain't even broke a sweat.” SiegedSec claimed that this attack was planned in coordination with the group AnonymousSudan, who they described as being “officially gay furries.”
But while many of SiegedSec’s targets are chosen for “hacktivist” (political) reasons, SiegedSec did not initially confirm a definite, non-catgirl motive for the INL attack. In a post to X, formerly Twitter, following the hack, SiegedSec wrote, “Many people ask ‘why?’ for INL breach. We are cats, intricacies such as ‘why’ do not concern us.”
However, in an emailed response to Them’s request for comment, SiegedSec representatives laid out their motivations for hacking the Idaho lab, and exhorted Americans to get better at understanding jokes.
“Our motivation for hacking is purely personal. We hack because we can, and because it's funny to see our exploits in the news,” they wrote, using translation software. “Often, we go after organizations for hacktivist reasons because we see what they are doing in the news and decide that they deserve to be punished.” The decision to hack INL was not because of a specific political goal, they explained, but part of a general mission to damage the U.S. government, which they called “one of the driving evil forces in the world.” They explained, “INL was set up as a target because it's one of the largest nuclear labs in America, and we decided to target another American infrastructure and government."
SiegedSec also strongly emphasized they do understand how science works, and expressed some annoyance that not everyone grasped their comedy. “The catgirl statement was also a joke, we are aware of the difference between nuclear and genetic scientist[s],” the anonymous member wrote. “many people do not understand this so be sure to include in [your] article.”
The INL breach is not the first time the group has shown that it has political as well as comedy-based motivations. A Telegram post last year announcing an attack on Kentucky government servers also included the message “4 the record, we will still do blackhat stuff,” indicating the group’s long-term intent to mix hacktivism with digital intrusions for financial gain or amusement. SiegedSec has been compared by some in the cybersecurity community to LulzSec, a similarly irreverent black-hat group that compromised CIA systems “for the lulz” in 2011. There are ethical lines SiegedSec won’t cross, though; in their messages regarding the state government attacks earlier this year, the group said they’d redacted health information about minors because “well its [sic] child care.”
Apart from sowing chaos and making themselves laugh, it’s unclear as to what SiegedSec hopes to accomplish with their catgirl ransom, but it certainly lends credence to their rallying cry of “gay furries pwn the internet.” Another self-described gay furry hacker, maia arson crimew, is not affiliated with SiegedSec but was responsible for leaking the U.S. government’s no-fly list in January. So remember, if you have anything to do with any government in the world, tread carefully with your private data — you never know when it’ll get well and truly yiffed.
Update: This article has been updated to include comments from SiegedSec.
Get the best of what’s queer. Sign up for Them’s weekly newsletter here.