Self-described “gay furry hackers” who form the hacking group known as “SiegedSec” (short for “Sieged Security”) claim to have breached the Heritage Foundation’s online databases. The Heritage Foundation says its own systems were not breached.
“We’re strongly against Project 2025 and everything the Heritage Foundation stands for,” a Sieged Security leader who goes by “vio” told the Intercept. SiegedSec said it obtained more than 200GB of files, as well as information for “every user” in the Heritage Foundation database. The attack was a part of SiegedSec’s effort dubbed “Operation Trans Rights,” which has targeted government websites, churches, and right-wing media.
Project 2025 is a roughly 900-page policy book released by the Heritage Foundation for the next administration to follow, ranging from guidelines for cracking down on illegal immigration to breaking up the Department of Education. Trump has distanced himself for the initiative, saying “I know nothing about Project 2025.”
“The story of a ‘hack’ is a false narrative and exaggeration by a group of criminal trolls trying to get attention,” said Noah Weinrich, the Heritage Foundation’s public relations director. Instead, Sieged Security “stumbled upon a two-year-old archive of the Daily Signal website that was available on a public-facing website owned by a contractor.”
Mike Howell, executive director of the Heritage Oversight Project and former member of Trump’s administration, initiated a conversation on Signal with a SiegedSec leader who goes by “vio.”
“Closeted Furries will be presented to the world for the degenerate perverts they are,” Howell wrote, according to copies of the messages released by Sieged Security and confirmed to be accurate by Howell. “You cannot hide. Your means are miniscule [sic] compared to mine. You now can either turn yourself in or you can cooperate.”
“[T]he only ones deserving of a destroyed life are those within your organisation,” the hacker responded, adding that “the rights your org violates will be 10x worse than any crime [I’ve] committed.”
“Are you aware that you won’t be able to wear a furry tiger costume when you’re getting pounded in the ass in the federal prison I put you in next year?” Howell wrote, adding that he is working with the FBI to find the hacker. Howell also gave written permission for the conversation to be shared.
Although “gay furry hackers” might sound unserious, the group claims responsibility for releasing sensitive data from high-profile organizations and institutions. SiegedSec breached a server used by the Idaho National Laboratory, a leading U.S. nuclear-research facility, and obtained personal data in November last year, National Review previously reported.
“Meow meow meow meow meow meow meow,” the group wrote. The hackers added that “we’ve successfully gained access to Idaho National Laboratory” and that “we’ve accessed hundreds of thousands of user, employee and citizen data,” including full names, dates of birth, addresses, and social security numbers.
“We’re willing to make a deal with [Idaho National Laboratory]. If they research creating IRL [in real life] catgirls, we will take down this post,” the hackers wrote. A “catgirl” generally refers to a young, breasted female animated character with feline traits, like cat ears or a tail.
Sieged Security claims that it has hacked NATO twice in 2023 and released sensitive documents. NATO confirmed that it is “facing persistent cyber threats” and has implemented “additional cyber security measures.”