US flags stand in press room at the NATO headquarters

Alexandros Michailidis/ShutterStock (Licensed)

Furry hackers claim to have breached NATO, stolen 3,000 files

The files appear to be unclassified but intended for 'official use only' among NATO.


Mikael Thalen


Posted on Oct 2, 2023   Updated on Oct 3, 2023, 7:59 am CDT

The hacking group SiegedSec announced on Monday that it has leaked what are claimed to be more than 3,000 files from the North American Treaty Organization (NATO).

In a post on Telegram, the hackers, who have previously described themselves as “gay furries,” shared numerous screenshots of the data as well as a description of its contents.

“We tend to have fun breaching intergovernmental alliances between large nations :P,” the group wrote.

The data is said to have originated from the “NATO Learning Management System” and includes files from portals including the “Lessons Learned Portal,” the “Logistics Network Portal,” and the “Investment Division Portal,” among others.

Numerous reports contain notices indicating that their content is unclassified but intended for official use only among NATO and nations belonging to the Five Eyes intelligence alliance.

Some of the reports appear to discuss guidelines regarding protection and decontamination from chemical, biological, radiological, and nuclear threats.

While some of the data appears to be sensitive, it remains unclear whether the dump also contains information that is already publicly available.

The announcement from SiegedSec is the second it has made in recent months surrounding alleged breaches of NATO’s online infrastructure.

In July, NATO revealed that it was investigating claims from SiegedSec that the group had accessed its unclassified documents from similar online portals. The files leaked at the time contained data such as agency personnel names and contact information, according to CyberScoop.

SiegedSec has previously made headlines for its politically motivated hacks. In June, the hackers leaked hundreds of thousands of files from a website affiliated with the Texas city of Forth Worth. In remarks to the Daily Dot, the hackers said they had targeted the state over its stance on gender-affirming care for transgender youth.

“We targeted Fort Worth mostly because it was a vulnerable target in a list we had, we were checking any government domain associated with Texas,” one hacker said. “This is the start of a campaign against all states banning gender-affirming care, we have a few more attacks planned soon.”

The group would soon follow up with numerous other breaches targeting government websites in South Dakota, Nebraska, Texas, South Carolina, and Pennsylvania.

In a statement to the Daily Dot, SiegedSec member r0xy said that the group had targeted NATO “mostly for the lulz.”

“We chose NATO mostly for the lulz, just having fun and to laugh at their inability to defend against the most common hacking method, social engineering,” r0xy said.

The hacker also claimed that the group was actively monitoring NATO portals and emails to see whether the organization had become aware of the alleged breach. 

In a statement to the Daily Dot, NATO said that it is “facing persistent cyber threats and takes cyber security seriously. NATO cyber experts are actively addressing incidents affecting some unclassified NATO websites. Additional cyber security measures have been put in place. There has been no impact on NATO missions, operations, and military deployments.”

This post has been updated with comment from SiegedSec and NATO.

We crawl the web so you don’t have to.
Sign up for the Daily Dot newsletter to get the best and worst of the internet in your inbox every day.
Share this article
*First Published: Oct 2, 2023, 11:28 am CDT