GiveSendGo, a crowdfunding website that was being used to source donations for the “Freedom Convoy” protest mounted by Canadian truckers, has been taken offline in an apparent hack and information about alleged donors leaked online.
On Sunday night, the GiveSendGo domain began to redirect to a new domain — GiveSendGone[.]wtf — and show a video loop from Disney’s Frozen, as first noted by Daily Dot journalist Mikael Thalen. The video was accompanied by text criticizing the fundraising site and linking it to the January 6th insurrection in the US.
GiveSendGo, which brands itself “the number one Free Christian crowdfunding platform,” had already emerged as the go-to platform for fundraising to cover legal fees for Trump supporters accused of participating in the Capitol insurrection.
It quickly became the number one fundraising choice for the self-styled “Freedom Convoy” after the more prominent platform GoFundMe said it would withhold millions of dollars in donations to the truckers, citing police reports of violence and other illegal activity. Canadian banks had already begun to block funds linked to the convoy, with TD freezing two personal accounts containing more than $1 million in donor funding.
As donors flocked to the new platform, a security researcher alerted TechCrunch to the fact an Amazon S3 bucket — a cloud storage service used to host files online — had been set up insecurely by GiveSendGo and exposed gigabytes of data about donors to the Freedom Convoy, including photos and passport scans.
The cloud storage issue was believed to have been fixed last week after TechCrunch notified the GiveSendGo management team, and the latest hack appears to be a new compromise of the site.
The leaked donor information was obtained by data leak hosting website Distributed Denial of Secrets, which has been giving access solely to journalists and researchers due to the presence of sensitive personal information.
A copy of the data obtained by The Verge contained close to 93,000 entries, including names, email addresses, ZIP codes, and country of origin. Among the email addresses listed in the database, a handful come from domains ending in “.gov,” a domain reserved for government entities, and appear to belong to employees of the TSA, Department of Justice, Bureau of Prisons, and NASA.
The US makes up more than half of the entries for donor country, followed by Canada and then Great Britain, giving support to concerns raised in Canadian media that foreign money has been backing the protest.
A request for comment sent to GiveSendGo had not received a response by time of publication.
https://www.theverge.com/2022/2/14/22933772/givesendgo-funding-freedom-convoy-hacked-donor-leaked