- A group of “gay furry” hackers has been releasing information from US state governments.
- SiegedSec targeted Texas, naming anti-trans legislation as its motive.
- Despite that rationale, the group describes their actions as “black hat,” not “hacktivism.”
SiegedSec, a self-described group of gay furry hackers, took its skills to state governments in late June, breaching agencies across five states and releasing a wealth of data.
The states targeted on June 27 were Texas, Nebraska, Pennsylvania, South Dakota, and South Carolina. Though the other states’ targeting was not specifically explained, a 180 gigabyte leak from the previous week on the government in Fort Worth, Texas, was apparently over the state’s move to ban gender-affirming care.
“Furries” are a small community of people interested in or identifying with anthropomorphic or animated animals.
“Texas happens to be one of the largest states banning gender affirming care, and for that, we have made Texas our target. Fuck the government,” a message posted on the SiegedSec Telegram chat said. “We easily hijacked their administrator account~ 😀 The files leaked include: Work orders, employee lists, invoices, police reports, emails between employees/contractors, internal documents, camera footage, and lots, lots, lots more~!”
So far in 2023, Texas legislators have introduced 65 anti-trans bills, according to the Trans Legislation Tracker, four of which have passed. One of the laws bars children from receiving any kind of care “intended to transition a child’s biological sex.”
South Carolina’s legislators have introduced 25. One aims to prevent gender-affirming care for minors. Pennsylvania has introduced three, one of which limits trans students’ participation in public school sports. South Dakota and Nebraska’s legislators have each introduced five anti-trans bills, and each passed one. Both passed bills in South Dakota and Nebraska prohibiting gender-affirming care for minors.
The leader of SiegedSec, who goes only by Vio online to protect their privacy, said in an interview with Insider that the group’s overall mission was to “have fun and cause chaos.”
“Sometimes we participate in a hacktivist operation though, with different goals. Our small, tight-knit group is made up of members with a wide variety of skill sets,” Vio said in a message on the encrypted chat app Signal. “We are also actually gay furries, I’ve seen countless people doubt that aspect of our group.”
Insider independently verified that Vio was a member of SiegedSec and that the group was involved in the data breaches.
While the group’s most recent targets are state governments in the US, its past hacks show the group targeted various entities in the governments of Cuba, Colombia, China, the Philippines, and Russia, as well as large corporations and companies in Bangladesh and the US. Vio said the group began its coordinated attacks in February 2022.
“We mostly choose our targets without much thought, as an opportunistic attack,” Vio said in a Signal message. “With a few operations though, we make a list of target domains and go down the list with thorough tests.”
In late November, SiegedSec announced its retirement from hacking via its Telegram channel, citing a loss of the “joy” it once found from its escapades. But in February, the group notified its subscribers of its return to “hacktivities.”
“After several months, we have decided to return to our hacking operations, the world is no longer safe from our furry cuddles UwU~,” a SiegedSec Telegram message said on February 8. “Uwu gay furries pwn you~ We’ll be back again soon to continue our chaos and destruction!”
Some news outlets, such as Them, raised concerns that the group’s actions could expose random people to harm, not just the targeted governments. Them said the random targets could include other LGBTQ+ people.
Vio said that while the group tried to avoid affecting members of LGBTQ+ communities, it defined itself as “black hat,” rather than as a “hacktivist group,” meaning it does not hack for activist purposes.
While “black hat” hackers are defined by ScienceDirect as those who generally hack to compromise data with malicious intent or for the thrill of hacking, “hacktivists,” according to United States Cybersecurity Magazine, work with a Robin Hood or vigilante mindset and push social justice and policy changes.
“We won’t intentionally target LGBTQ+ people and we’ll attempt to avoid having negative impact on LGBTQ+ people, however its very possible someone is unintentionally impacted by our blackhat attacks and there’s not much else we can do about it,” Vio said.
Experts have expressed some skepticism toward the hacking group, the Daily Dot reported.
“It shouldn’t be assumed that SiegedSec’s motivation is as straightforward as they say,” Brett Callow, a threat analyst for the cybersecurity firm Emsisoft, told the Daily Dot. “Hacking photos of potholes and other fairly non-sensitive data seems like a very odd way of protesting a state’s policies.”
In response to these comments, Vio acknowledged the hacked data was “non-sensitive” and “not directly connected to the goal” of the group.
“Our goal was never to expose anyone, or cause significant damage,” Vio said. “The goal was to ensure the government saw our motivations, and motivate and encourage people to protest. I’d say we succeeded with our goal.”
The Pennsylvania attorney general’s office told Insider it was unaware of any effect from the attacks, while government offices from Texas, Nebraska, South Dakota, and South Carolina did not respond to requests for comment.