Freedom Convoy Donors Doxxed After Data Breach

The media continue to publicly name and shame anonymous “Freedom Convoy ” donors after hackers leaked their personal information. This comes following a series of cyberattacks on crowdfunding website GiveSendGo last month.

Journalists received a cache containing the personal information of over 92,000 individuals who donated to the Freedom Convoy–a group of truckers protesting Canada’s COVID-19 restrictions– after hackers breached GiveSendGo on at least three occasions in February. The breaches appear to be highly targeted, politically motivated attacks.

GiveSendGo Takes On Trucker Protest Cause

GiveSendGo, a Christian crowdfunding website based in Boston, Massachusetts became the main crowdfunding platform supporting the truckers. This comes after GoFundMe blocked donations to the protests, citing police reports of violence.

The Freedom Convoy campaign has been the site’s largest to date, raising over $8 million since it went live in early February, but “there has also been plenty of push back,” said Jacob Wells, co-founder of GiveSendGo in a statement published on the site on February 7. “We’ve seen nearly 10 million bots trying to overwhelm our servers.”

Cyber Onslaught Launched Against GiveSendGo

Days before the initial hack occurred, TechCrunch reported on serious security issues on GiveSendGo’s site that left private documents like passports and driver’s licenses exposed. GiveSendGo quickly rectified the issues, but its security troubles continued.

On February 13, hackers redirected the site to a rogue domain that hosted a downloadable cache of all Freedom Convoy donor data along with a manifesto condemning the protest, set to music from the Disney film Frozen II.

On February 15 a second leak revealed the entire donor history of every individual who had used GiveSendGo, including some of their credit card data.

“Adopt a Trucker”, a similar campaign on GiveSendGo also suffered a data breach, with its founder’s emails being leaked.

Screenshot of the GiveSendGo leaked data, made available by DDoSecrets.  

The latest data breach of February 23 reveals all the names, email addresses, IP addresses, zip codes, and the amounts donated by GiveSendGo donors from the start of the Freedom Convoy campaign.

Press Pounce on Leaked Data

The hackers handed the data over to transparency group, Distributed Denial of Secrets, which regularly supplies leaked information from right-wing organizations to journalists.

Major media outlets including The New York Times, The Washington Post, the CBC, and the Ottawa Citizen, were quick to publish names of people who donated to the Freedom Convoy.

 

Smaller outlets soon jumped on the bandwagon.

The Salt Lake Tribune identified Utah donors by zip code while The Toronto Star reported on over a dozen Ontario police officers who had donated to the GiveSendGo campaign. The officers are now being investigated by the Ontario Provincial Police Department, though it’s not illegal for officers to donate to political causes.

Delaware Online published a story naming a high-ranking officer of the Delaware Transit Corporation whose name appeared in the leaked data.

Canadian radio personality Dean Bundell tweeted, “So, here’s the GiveSendGo donor list…” and linked to an article that included a Google spreadsheet of all the names and email addresses captured in the hack. Twitter later removed the tweet citing it had violated its rules on sharing hacked information.

Screenshot from tweet about Google maps doxxing Freedom Convoy donors.  

According to some tweets, Google Maps posted a link pinning the exact locations of Ontario-based donors with their names, donor IDs, email addresses, and the amounts they donated–some as low as $10. The donors’ information was available for several hours before Google removed the link.

Journalists’ Behavior Denounced as Private Individuals Face Persecution

A number of individuals named in the leaked donor list have suffered repercussions after the media doxxed them.

Tammy Giuliani, who donated $250 to the Freedom Convoy fundraiser, claims she had to shut down her gelato store following threats after she was named in an Ottawa Citizen article.

Marion Isabeau-Ringuette, the communications director for the Ontario Solicitor General, is out of a job after her donation to the Freedom Convoy was revealed.

The media’s doxxing of anonymous donors based on illegally obtained information has raised some questions about journalistic ethics and an individual’s rights to privacy.

Several prominent politicians, including Minnesota Democratic Rep Ilhan Omar, have slammed journalists for weaponizing leaked data to vilify private individuals who made legal donations to an opposition cause.

This case highlights just how much an individual’s identity can be at risk in the event of a data breach–even anonymous donations aren’t truly anonymous anymore. Even if a contribution is made under a fake name, other details like the IP address and location data can be used to track and doxx an individual. Whether that’s fair on the part of the media and their cyberpunk cohorts remains to be addressed.

Become 100% Anonymous Online

Protect your anonymity and constitutional freedoms with a VPN. Get CyberGhost VPN to encrypt so no one can track your online activity and use it blackmail or extort you. CyberGhost VPN hides your IP so nothing can be traced back to you.

Leave a comment

Use of CyberGhost when making the donation would have made no difference in the outcome as there is no way to make an anonymous donation.
Your commercial pitch above obfuscates the fact it was not the data transmission that was released but the lists kept by the monetary host.

Reply

From the author – “Of course, you are right Michael. In the event credit card information is breached, not even a VPN can protect your anonymity. My best advice would be to use both a VPN or Tor while making the payment and to pay with bitcoin if it’s accepted by the platform. That’s what we do at CyberGhost VPN to add another layer of protection to our users’ digital identity. That way, users don’t need to submit any personal information when making the payment.
It worked for the Freedom Convoy, who shifted from GiveSendGo to TallyCoin, a bitcoin-based funding operation, to protect their anonymity.”

Write a comment

Your email address will not be published. Required fields are marked*