Who Are The 'Gay Furries' That Hacked The Heritage Foundation? The Hacktivist Group 'SiegedSec' And The Leaks Explained
In one of the stranger stories so far this year, a group of hackers who call themselves gay furries has released archival data from a site operated by the conservative American think tank, the Heritage Foundation, according to a post made by the group on their encrypted Telegram channel SiegedSecurity.
The group conducted the hack as part of their informal "OpTransRights" campaign in which they target government websites intending to disrupt efforts to enact or enforce anti-trans and anti-abortion laws. The Heritage Foundation is perhaps best known for its involvement in creating the controversial Trump-backed Project 2025 campaign.
Here's everything we know about the hacking attempt, the leaks and the fallout that followed.
What Is SiegedSec, And Why Did They Hack The Heritage Foundation?
SiegedSec is a hacktivist collective that has long been engaged in what they call "Operation Trans Rights," with the Heritage Foundation's anti-trans and anti-abortion stance drawing the attention of the self-described "Gay Furry Hacker" group.
According to correspondence between SiegedSec and Cyberscoop, the Heritage Foundation hack was an attempt to provide "transparency to the public regarding who exactly is supporting" the conservative group.
Earlier this week, the group released internet data about the Heritage Foundation, which, according to "vio," includes "full names, email addresses, passwords and usernames" of individuals linked to the nonprofit. The data was reportedly hosted on the Daily Signal, Heritage’s news site.
How Did The Heritage Foundation React To the Hack And What Information Was Compromised?
According to SiegedSec, their hack of the Daily Signal produced username and email information relevant to the Heritage Foundation, but Mike Howell, a columnist at the Daily Signal, pushed back on that narrative.
The journalist was one of the first to reach out to the hacker group, with SiegedSec releasing a chat log showing the writer calling the group rude names.
According to the Heritage Foundation's statement to Newsweek, the think tank was not actually "hacked." Instead, it said that the would-be hackers accessed a two-year-old outdated archive of The Daily Signal.
"The Heritage Foundation was not hacked. An organized group stumbled upon a two-year-old archive of The Daily Signal website that was available on a public-facing website owned by a contractor. The information obtained was limited to usernames, names, email addresses and incomplete password information of both Heritage and non-Heritage content contributors, as well as article comments and the IP address of the commenter. No Heritage systems were breached at any time, and all Heritage databases and websites remain secure, including Project 2025. The data at issue has been taken down, and additional security steps have since been taken as a precaution."
However, other tech whizzes took a look at the information released by SiegedSec and drew their own conclusions.
For instance, X user @HackingButLegal posted a thread analyzing some of the data leaked by SeigedSec, concluding that several comments on the Heritage Foundation's website originated from Asian countries.
For the full history of the Heritage Foundation Gay Furry Hack, be sure to check out Know Your Meme's encyclopedia entry for more information.