SiegedSec, a collective of self-proclaimed “gay furry hackers,” has claimed credit for breaching online databases of the Heritage Foundation, the conservative think tank that spearheaded the right-wing Project 2025 playbook. SiegedSec released a cache of Heritage Foundation material as part of a string of hacks aimed at organizations that oppose transgender rights, although Heritage disputed that its own systems were breached.
In a post to Telegram announcing the hack, SiegedSec called Project 2025 “an authoritarian Christian nationalist plan to reform the United States government.” The attack was part of the group’s #OpTransRights campaign, which recently targeted right-wing media outlet Real America’s Voice, the Hillsong megachurch, and a Minnesota pastor.
In his foreword to the Project 2025 manifesto, the Heritage Foundation’s president, Kevin Roberts, rails against “the toxic normalization of transgenderism” and “the omnipresent propagation of transgender ideology.” The playbook’s other contributors call on “the next conservative administration” to roll back certain policies, including allowing trans people to serve in the military.
“We’re strongly against Project 2025 and everything the Heritage Foundation stands for,” one of SiegedSec’s leaders, who goes by the handle “vio,” told The Intercept.
In its Telegram post, SiegedSec said it obtained passwords and other user information for “every user” of a Heritage Foundation database, including Roberts and some U.S. government employees. Heritage Foundation said in statement Wednesday that SiegedSec only obtained incomplete password information.
The remainder of more than 200GB of files the hackers obtained were “mostly useless,” SiegedSec said.
The Intercept reviewed copies of files provided to the transparency collective Distributed Denial of Secrets. They included an archive of the Heritage Foundation’s blogs and a Heritage-aligned media site, The Daily Signal, as of November 2022.
This is at least the second hack against the Heritage Foundation this year. In April, Heritage shut down its network following a cyberattack tentatively attributed to nation-state hackers. SiegedSec targeted the Heritage Foundation in early June, according to vio, who denied involvement in the earlier attack.
A spokesperson for the Heritage Foundation said Wednesday that the files were not obtained by hacking its systems, but that SiegedSec discovered them on a third party’s site.
“An organized group stumbled upon a two-year-old archive of The Daily Signal website that was available on a public-facing website owned by a contractor,” said Noah Weinrich, a Heritage spokesperson. “No Heritage systems were breached at any time, and all Heritage databases and websites remain secure, including Project 2025. The data at issue has been taken down, and additional security steps have since been taken as a precaution.”
SiegedSec’s other recent operations have targeted NATO and Israeli companies to oppose the war in Gaza.
Update: Wednesday, July 10, 6:36 p.m. ET
This article was updated to include comment from the Heritage Foundation disputing that the files released by SiegedSec were the result of a hack of its systems and were hosted instead on a third party’s website.
Latest Stories
AIPAC Millions Take Down Second Squad Member Cori Bush
Bush was early calling for a ceasefire in Israel's war on Gaza. Then AIPAC came after her with millions of dollars.
The U.S. Has Dozens of Secret Bases Across the Middle East. They Keep Getting Attacked.
An Intercept investigation found 63 U.S. bases, garrisons, and shared facilities in the region. U.S. troops are “sitting ducks,” according to one expert.
What Tim Walz Could Mean For Kamala Harris’s Stance on Gaza and Israel
Walz allows for Harris to “turn a corner” in her policy on the war in Gaza, said James Zogby, president of Arab American Institute.