SiegedSec was led by an individual under the alias "vio".[9] Short for "Sieged Security",[10][11][12] SiegedSec's
Telegram channel was first created in April 2022,[13] and they commonly referred to themselves as "gay furry hackers".[14][15] SiegedSec has targeted a wide variety of organisations, ranging from intergovernmental organisations like NATO[3][4] and federal research facilities like the Idaho National Laboratory[1][2] to
right-wing movements like
The Heritage Foundation[16][17] and
Real America's Voice,[18] and various
U.S. states that have pursued legislative decisions against
gender-affirming care.[19]
Notable attacks
Atlassian
On February 14, 2023, major Australian software provider
Atlassian had its data leaked on the internet by SiegedSec using stolen employee credentials. 13,000 employee records were affected in this hack, and SiegedSec was also able to obtain floorplans for Atlassian offices.[20]
#OpTransRights movements
In June 2023, SiegedSec targeted several United States government entities to protest anti–gender-affirming-care bills. The hackers released a variety of data including data from the Government of Fort Worth Texas, The
Nebraska Supreme Court, and South Carolina police files.[19]
In April and May 2024, SiegedSec began their second
trans rights operation, #OpTransRights2. The hackers successfully targeted and leaked data from
Real America's Voice[6][7] and River Valley Church.[21]
University of Connecticut
In July 2023, SiegedSec sent a series of
spoof emails to undergraduate
University of Connecticut students using
LISTSERV, falsely announcing the "Unfortunate Passing of
Radenka Maric". During an interview with the Hartford Courant, "vio" claimed responsibility for the incident, explained the vulnerability which allowed for them to perform the hack, and said that they "did it for the lulz".[9]
NATO
In 2023,
NATO portals were compromised twice by SiegedSec. The leak totalled over 3000 internal documents.[22][3][4][5] The portals compromised were Joint Advanced Distributed Learning, NATO Lessons Learned Portal, Logistics Network Portal, Communities of Interest Cooperation Portal, NATO Investment Division Portal, and NATO Standardization Office.[23] Shortly after the incident, NATO announced that they would be investigating the attack.[24][25]
Bezeq
On October 30, 2023, SiegedSec attacked
Bezeq, one of the largest Israeli telecommunication providers. The hackers released information on nearly 50,000 customers.[26]
Idaho National Laboratory
In November 2023,
Idaho National Laboratory's
Oracle HR system was compromised leading to the leaking of personal employee data,[27] with the group demanding that the laboratory put research into "creating real-life
catgirls" in exchange for the data to be removed.[11] On February 7, 2024, a number of employees received ransom payment requests in the mail with their data.[28]
The Heritage Foundation
In July 2024, SiegedSec announced that they had breached and leaked data from conservative think tank
The Heritage Foundation, which has led the
Project 2025 proposals. They released a statement on
Telegram, calling the proposals "an authoritarian
Christian nationalist plan to reform the United States government."[15] A Heritage spokesperson dismissed the attacks as "a false narrative and an exaggeration", stating that all databases, systems and websites remained secure.[29][30] The hacking group released chatlogs of a conversation on
Signal between "vio" and Heritage Foundation executive Mike Howell, in which Howell stated that he, in collaboration with the
FBI, was "in the process of identifying and outting [sic] members of your group."
Disbandment
After releasing the Heritage Foundation chatlogs, SiegedSec announced that they would be disbanding "for our own mental health, the stress of mass publicity, and to avoid the eye of the FBI."[31]