Hacktivists Claim DHS Breach and Leak ICE Contractor Records via DDoSecrets
A self-described hacktivist group calling itself “Department of Peace” claimed it breached U.S. Department of Homeland Security (DHS) systems and exfiltrated internal records tied to Immigration and Customs Enforcement (ICE) contracting. The group published the material via the transparency collective Distributed Denial of Secrets (DDoSecrets), and reporting indicates the dataset contains 6,600+ contractor-related records listing thousands of companies associated with federal immigration enforcement contracts, including major vendors such as Microsoft, Oracle, Palantir, Raytheon, and Anduril.
The alleged source of the leaked records was described as DHS’s Office of Industry Partnership, a unit involved in procuring technology from the private sector. As of the reporting cited, DHS had not publicly confirmed the intrusion or validated the authenticity and provenance of the released data, leaving the breach claim unverified while the documents circulate publicly via the DDoSecrets-hosted release.
Sources
Related Stories
DDoS Attack Takes Down ICE List Doxxing Site After Leak of DHS-Sourced Agent Data
**ICE List**, a website publishing personal details of U.S. Immigration and Customs Enforcement (ICE) officers and Border Patrol agents, was reported offline following a sustained **distributed denial-of-service (DDoS)** attack that the site’s administrator, Dominick Skinner, attributed to traffic largely originating from **Russia** and routed through proxies. Skinner said the attack’s use of proxy infrastructure made attribution difficult, but described it as unusually long-running and sophisticated; the site is reportedly hosted in the **Netherlands**, complicating potential U.S. takedown efforts. Reporting indicated the disruption followed Skinner’s stated intent to release data on nearly **4,500** immigration personnel allegedly obtained from the U.S. Department of Homeland Security via a whistleblower. The exposed dataset was described as including **names, phone numbers, email addresses, job titles**, and other identifying information, prompting criticism from DHS that the site enables **doxxing** of federal personnel; Skinner reportedly said he planned to withhold some categories of names (e.g., nurses and childcare workers) while publishing most others.
2 months ago
US Government Efforts to Identify Anti-ICE Activists and a StopICE Service Compromise
The US Department of Homeland Security has reportedly used **administrative subpoenas** to pressure tech companies to disclose identifying data about anonymous accounts and individuals critical of the Trump administration, including accounts sharing information about local **ICE immigration raids**. The reporting highlights that administrative subpoenas—unlike judicial subpoenas—do not require a judge’s approval and can seek metadata and account-identifying details (e.g., login times, devices, and associated email addresses), raising concerns about oversight and potential chilling effects on speech. Separately, the anti-ICE alert service **StopICE** reported its app and website were attacked, with users receiving texts claiming their information had been “compromised and sent to the authorities,” alongside disparaging messages about the developer. StopICE administrators and the developer disputed claims that sensitive personal data (names, addresses, GPS/location histories) was stolen, stating the service does not collect/store that information, while also noting the platform faces heavy hostile activity including frequent **DDoS** attempts; the service blamed a **US Customs and Border Protection (CBP)** agent for the attack, though that attribution was not independently confirmed in the reporting.
1 months ago
Leak of Personal and Work Details of ICE and Border Patrol Employees
Personal and work-related details of roughly **4,500** US **ICE** and **Border Patrol** employees were allegedly leaked online and shared with *ICE List*, a site describing itself as an “accountability” project. Reporting indicates the exposed data includes names, work email addresses, phone numbers, job roles, and some résumé-style information; early reviews cited in coverage suggest about **80%** of those listed may still be employed by **DHS**. Multiple accounts attribute the disclosure to a **DHS whistleblower** and describe it as a major exposure of federal staff data, with estimates including roughly **1,800–2,000** frontline agents and about **150** supervisors among those affected. The alleged leak followed intense public backlash after the fatal shooting of **Renee Nicole Good** in Minneapolis, in which **ICE agent Jonathan Ross** has been widely identified as the shooter. Separate reporting describes broader legal and political fallout around DHS/ICE operations and scrutiny of Ross’ conduct, including court testimony and disputes over subpoenas seeking identifying information about social media users posting about ICE activity; however, those items are adjacent context rather than direct reporting on the staff-data leak itself.
2 months ago