Security

Hacktivists Leak Daily Signal Data Due to Heritage Foundation’s Project 2025

Written by Lore Apostol
Published on July 10, 2024

Hacktivists gained unauthorized access to the conservative Heritage Foundation and affiliated right-wing media outlet The Daily Signal on July 9 and published almost 2GB of data. The data breach affected over 72,000 unique user accounts, exposing email addresses, IP addresses, names, passwords, and usernames.

The established cybercrime gang SiegedSec, which has a track record of attacking political targets, calls itself a hacktivist group and said it released the data in response to the Heritage Foundation’s Project 2025. The leaked data also includes Heritage Foundation blogs and The Daily Signal content created between 2007 and November 2022.  

The 72,004 compromised accounts were verified and added on July 10 to the breach notification service Have I Been Pwned, which says the emails were primarily users commenting on articles and content contributors. 

User comments were also available in the leak, along with contributors' usernames and passwords stored as either MD5 or phpass hashes.

This attack is part of SiegedSec’s “OpTransRights” campaign, which previously saw government websites defaced and conducted data theft targeting American states considering or implementing anti-abortion or anti-trans laws. In the past, this group has also targeted some NATO portals, among others.

The prominent conservative think tank based in Washington, D.C., created a set of right-wing-friendly proposals that Donald Trump could readily implement if he wins this fall’s U.S. presidential election. Supported by the Heritage Foundation, Project 2025 has already brought together 45 right-of-center organizations.

In April, a nation-state hacking group also breached the think tank, forcing Heritage to shut down its network.



For a better user experience we recommend using a more modern browser. We support the latest version of the following browsers: For a better user experience we recommend using the latest version of the following browsers: