An unknown hacker organization leaked the personal information of tens of thousands of Freedom Convoy donors. GiveSendGo, a crowdfunding platform collecting money in support of protesters against the Covid-19 restrictions in Canada, was breached over the weekend. The personal details of approximately 93,000 people who financially helped the Freedom Convoy protesters were readily available online for everyone to see. The name of billionaire Thomas Siebel was amongst the names of the donors.
The list of donations includes people from all over the world, with most of the funds coming from individuals located in Canada and the USA. According to Amarnath Amarasingam, Canadian donors have out-raised Americans by almost a million. In addition, the rest of the funds are from Freedom Convoy supporters located in other countries, including the UK, Australia, and Germany.
The hacked website was redirecting potential donors to another website containing the leaked list and a video message from the hackers. The video message had a text spliced on top of a video from Disney’s Frozen. The video and the leaked file with personal information were later taken down, but copies of the leaked information continue to resurface online.
The Boston, Massachusetts-based donation service GiveSendGo, which claims to be the number one Christian crowdfunding website, has an option allowing donors to disclose their donations and information. Many donors chose not to disclose personal information. However, the leaked data contains a list of everyone, including the info that was meant not to be shared publicly. The lists consist of full names, email addresses, location information, and IP addresses. The leaked data also included the message posted by the donors.
The Christian cloud funding platform became the central fundraising platform for the protests in Canada after GoFundMe suspended the account, citing police reports of violence by the protesters. The decision of GoFundMe enraged many, and the company’s actions are currently under investigation by four states – Texas, Florida, Missouri, and West Virginia. Truck drivers and their supporters have been protesting COVID-19 restrictions on the streets of Canada for about a month.
This is not the first time GiveSendGo is under attack. Last week TechCrunch reported cyber security experts found a vulnerability that exposed donors on the website. The unprotected data was approximately 50 gigabytes and contained over a thousand photos and scans of sensitive documents such as driver’s licenses and passports. There is no confirmation whether GiveSendGo has notified the donors whose data was leaked in the recent cyber incidents.
Panda Security specializes in the development of endpoint security products and is part of the WatchGuard portfolio of IT security solutions. Initially focused on the development of antivirus software, the company has since expanded its line of business to advanced cyber-security services with technology for preventing cyber-crime.
