GiveSendGo hacked, with Freedom Convoy donors’ names being dispersed freely on Twitter

Get the latest BPR news delivered free to your inbox daily. SIGN UP HERE

If you’re on Twitter, you already know: GiveSendGo — the Christian platform “for funding freedom” that began collecting donations for the truckers in Canada’s Freedom Convoy after GoFundMe seized $10 million meant for the anti-mandate protestors — has been hacked, frozen, and tens of thousands of donor names have been leaked on social media.

“The hack redirected GiveSendGo.com to a webpage with the domain GiveSendGone[dot]wtf, where a video of Disney’s Frozen was posted along with a manifesto condemning the website,” reports the Washington Examiner.

“Attention GiveSendGo grifters and hatriots,” the manifesto reads. “The Canadian government has informed you that the money you a**h***s raised to fund an insurrection is frozen. TD Bank has frozen several accounts. You helped fund the January 6th insurrection in the US. You helped fund an insurrection in Ottawa. In fact, you are committed to funding anything that keeps the raging fire of misinformation going until it burns the word’s collective democracies down.”

“On behalf of sane people worldwide who wish to continue living in a democracy, I am now telling you that GiveSendGo itself is frozen,” the manifesto states.

Daily Dot staff writer Mikael Thalen covered the hack in real time.

“An S3 bucket run by GiveSendGo was found to be leaking pics of drivers licenses, military IDs, passports, & other sensitive docs just days ago,” Thalen tweeted. “Source tells me that despite an attempted fix, the bucket was exploited again to allow the takeover of the site.”

 

According to Thalen, the leaked data included not just names, but IP addresses, email addresses, names, and zip codes.

The names were leaked and dispersed on Twitter by Canadian radio personality Dean Blundell.

In spreading the donor names for nearly 12 hours as of this writing, Blundell has clearly violated at least two of Twitter’s rules.

In October 2020, Twitter posted to their Help Center its policy on the “Distribution of hacked materials.”

“The use of hacks and hacking to exfiltrate information from private computer systems can be used to manipulate the public conversation, and makes all of us less secure online,” Twitter states. “We do not condone attempts to compromise or infiltrate computer systems. As such, we don’t permit the use of our services to directly distribute content obtained through hacking by the people or groups associated with a hack.”

Twitter goes on to say that they may “label Tweets containing or linking to hacked materials to help people understand the authenticity or source of these materials and provide additional context.”

Twitter’s November 2021 policy on doxxing is just as clear:

“You may not publish or post other people’s private information without their express authorization and permission,” Twitter states. “We also prohibit threatening to expose private information or incentivizing others to do so.”

“Sharing someone’s private information online without their permission, sometimes called doxxing, is a breach of their privacy and of the Twitter Rules,” the statement continues. “Sharing private information can pose serious security risks for those affected and can lead to physical, emotional, and financial hardships.”

Yet, as of this writing, Blundell’s account is still active, and the doxxing tweet has been “liked” 427 times and re-tweeted 536 times, despite the violation being reported to Twitter.

Melissa Fine

Comment

We have no tolerance for comments containing violence, racism, profanity, vulgarity, doxing, or discourteous behavior. If a comment is spam, instead of replying to it please click the ∨ icon below and to the right of that comment. Thank you for partnering with us to maintain fruitful conversation.

Latest Articles