GiveSendGo Hacked, Info of Donors to Freedom Convoy Reportedly Sent to Leak Site
The hack comes after GiveSendGo said it would still send donations to the truckers.
Distributed Denial of Secrets, a leak site, claimed it received information about donors to the Canadian Freedom Convoy after activists hacked GiveSendGo.
BREAKING: GiveSendGo, the crowdfunding website used by the Freedom Convoy, is now redirecting to the domain GiveSendGone[.]wtf.
A video from the Disney film Frozen now appears alongside a manifesto condemning the website and the Freedom Convoy. pic.twitter.com/3TLAwfvZ3w
— Mikael Thalen (@MikaelThalen) February 14, 2022
An S3 bucket run by GiveSendGo was found to be leaking pics of drivers licenses, military IDs, passports, & other sensitive docs just days ago.
Source tells me that despite an attempted fix, the bucket was exploited again to allow the takeover of the site https://t.co/2cnPIGMkuo
— Mikael Thalen (@MikaelThalen) February 14, 2022
The leaked data appears to include email addresses, IP addresses, zip codes, as well as names (although some users could have used fake names).
— Mikael Thalen (@MikaelThalen) February 14, 2022
The journalism collective DDoSecrets secured a copy of the leaked donor data from GiveSendGo.
Given the sensitive nature of the data, DDoSecrets says it will only be providing copies to journalists and researchers. pic.twitter.com/oa6xoAAZi2
— Mikael Thalen (@MikaelThalen) February 14, 2022
To clarify, this is not the same issue that was reported by TechCrunch last week. Or the follow-up piece I did on the issue not being fixed, which saw pics of IDs and other docs still exposed.
This hack & leak of alleged donor names, emails, IP addresses, etc is new.
— Mikael Thalen (@MikaelThalen) February 14, 2022
From Reuters:
Reuters could neither immediately confirm the hack nor the leak claims, although Distributed Denial of Secrets (DDoS) has a long record of hosting leaked data from right-wing organizations, including the far right Patriot Front and the Oath Keepers.
DDoS said that, because the donor information contains sensitive personal information, it would not be making the data available publicly but will instead be offering it to “journalists and researchers.”
DDoS describes itself as a non-profit devoted to enabling the free transmission of data in the public interest.
Stacey blogged on Sunday that GiveSendGo would defy the Ontario Supreme Court of Justice and continue to send donated funds to the truckers.
Know this! Canada has absolutely ZERO jurisdiction over how we manage our funds here at GiveSendGo. All funds for EVERY campaign on GiveSendGo flow directly to the recipients of those campaigns, not least of which is The Freedom Convoy campaign.
— GiveSendGo (@GiveSendGo) February 11, 2022
Please push this out there: The funds from the Freedom Convoy are not frozen contrary to what you might be hearing on the news. GiveSendGo is working with many different campaign organizers to find the most effective legal ways to continue funds flowing.
— GiveSendGo (@GiveSendGo) February 12, 2022
DONATE
Donations tax deductible
to the full extent allowed by law.
Comments
GiveSendGo is hacked. Donor info is leaked. DOJ does nothing. Garland is busy investigating parents who complain about CRT being taught to their children.
Garland’s Stasi may have helped the hackers out.
There are no coincidences. Smells like desperation on the part of State Actors.
Indisputable federal felony computer crime.
Where is the FBI?
Paying the hackers, if Russiagate is any guide.
Do you suppose that Georgia Tech was behind this attack as well?
Why do you ask? Was it GA Tech that Durham was referring to that was involved in the Clinton Russiagate conspiracy?
Georgia Tech has been named online as the institution referenced in Saturday’s filing by Durham. Note my careful wording, and the lack of reliable references I can provide.
No, no, no. The FBI just needs to apply the “Cankles Doctrine”….. they didn’t INTEND to break the law, therefore presto, change-o!
And a “journalist” promptly posted it on Twatter, despite Twatter’s alleged “anti-doxxing” policy.
https://twitchy.com/samj-3930/2022/02/14/fascists-and-their-lists-blue-check-loser-dean-blundell-dragged-for-doxxing-freedomconvoy-donors-from-givesendgo-hack/
Why not? There will be no consequences. Twitter’s policies only apply to people Twitter doesn’t like. Same as facebook, Youtube, et al.
I’d say the fair punishment is to ruin his life in turn, but it looks like he already did that himself.
It gets worse until they have the barrel of a gun pointing at them.
That is the only way to stop them.
All part of their intimidation tactics, now they have a list of people who’s lives are targeted for ruin.
Bring it on, I used my actual name.
As did I. For this very reason. I knew our own government would hack the site and get the info.
I’d say the chances that this wasn’t obtained by a US intelligence agency are just about zero.
The stuff Obama and Biden have pulled off wouldn’t even been dreamed about by Nixon.
Leviathan strikes back.
“…although Distributed Denial of Secrets (DDoS) has a long record of hosting leaked data from right-wing organizations, including the far right Patriot Front and the Oath Keepers.”
Because Reuters knows that mostly it is only Right Wingers who hack into governments, organizations and companies to steal data to give to outfits for public release and hoped for humiliation and retaliation.
R i g h t.
Hils made a comment lately?
I haven’t seen her in a while.
Yeah, she’s trying to make a buck with “But her emails” hats, if you can imagine. Given these revelations, her hats are [oh just fill in the blank].
.”….her hats are making her ass look big.”
Is there a specific reason why Mikael Thalen’s twitter account has not been suspended by twitter?
This looks a little bit suspicious to me.
I don’t have a twitter account. Asking for me.
And by hacked they almost certainly mean a lefty on the inside stole the information or gave credentials to outsiders.
Isn’t this cyberterrorism?
Yea, state sponsored “cyber terrorism”…
The domain givesendgone[.]wtf was created on 13 February, the day after GiveSendGo announced they would not comply with Ontario’s demand to stop the funding. The website wasn’t designed as a look-alike. It just had a link to the exfiltrated data.
Maybe coincidental, another domain was registered one day later on the 14th similar to givesendgone[.]wtf – givesendgone[.]com. Registrant data is also privacy protected and it uses a different registrar. The IP it resolves to is on a Canadian Class C. Other than the name similarity and the registration date, there isn’t much more that can be said.
“Canada has absolutely ZERO jurisdiction over how we manage our funds here at GiveSendGo.” That’s true, but you can rest assured that with the Democrats in power, the current US government will lend its support (legal and extra-legal) to the Trudeau government, and with cyber attacks from the radical left it’ll be a lot harder to get financial support in the future for any group who wants to protest government corruption/lawlessness. If the coordinated government/hacker attacks work this time, this will be the template for future abuse.
Follow up to my last. Another look-alike domain name turned up with “go” instead of “gone” — givesendgo[.]wtf. It was registered today (16 Feb 2022). Web page layout looks like “govesendgone[.]com’s. If related, could be these guys aren’t finished posting stolen data. It’s not unusual to create multiple domains in case one gets discovered.