Hacktivist group facing interrogation from NATO over Stolen Portal Data

Hacktivist group known as the “Gay furry hackers” are facing interrogation from NATO over stolen portal data.

NATO, is said to be investigating claims made by the groups (Gay furry hackers), over breaking into military coalitions, unclassified information-sharing, collaboration of IT environment, and maliciously obtaining secret information’s belonging to over 31-nations.

The information which is over 845-megabytes uncompressed data, was then leaked, in a Telegram channel.

The group who identified themselves as “Gay furry hackers”, on July 23 2023 published on their Telegram channel, for being responsible for the stolen sensitive data belonging to NATO.  

They are notoriously known in targeting government agencies, and as well carrying out politically motivated hacking activities.  

In their telegram channel known as the SiegedSec, a series of sensitive documents images where displayed, with a list of messages that shows their excitement and non-regrettable statements of their action in hacking NATO.


       Image collage of NATO of the SiegedSec Telegram Channel; depicting information about the NATO leak.

A link of a well-known cloud storage service known as mega.nz was shared by the group in the channel, for those who are interested in viewing the files that was leaked.  The Telegram-channel which has over six-thousand active subscribers, is shown to have gained over 18.4k (eighteen thousand) views of the information shared regarding the leak.

               The SiegedSec telegram channel with over 18.4k views on the NATO leak.

 In a series of messages by the group:

“These documents are very delicious~ While we were looking through it, we had to relieve our horniness many times! gay furries pwn 31 nations~ ;3”

g4y furr135 4r3 h4q1ng th3 p14n37

NATO has a Community of Interest (COI) portal that is used by both NATO organizations and member states for information sharing and collaboration. Although information’s shared here are unclassified, the possibility of obtaining data that can be utilized for malicious intents, fraud, or even falsely obtaining financial benefits; from releasing such information cannot be disputed.

 Image of Community-Of-Interest portal-NATO. A collaborative, and information sharing platform for NATO organizations.                         Image source: NATO COI.

The report from the groups telegram channel “SiegedSec” claims that the theft “has nothing to do” with the war going on between Russia and Ukraine.

They stated:

“This is a retaliation against the countries of NATO for their attacks on Human Rights.”

Reports from the theregister  website, when they contacted a NATO official about the claims made by the  “SiegedSec” telegram group shows that NATO, is actively looking into the claims made by the hacktivist group.

In a statement from the NATO OFFICIAL which reads:

“NATO cyber experts are actively looking into the recent claims associated with its Communities of Interest Cooperation Portal. We face malicious cyber activity on a daily basis and NATO and its allies are responding to this reality, including strengthening our ability to detect, prevent and respond to such activities. NATO’S classified networks are not affected and there is no impact on NATO operations. Investigations are ongoing by our experts.” 

Further questions asked by theregister were ignored by the NATO official, for some undisclosed reasons.

The discovery from research by CloudSEK AI digital Risk platform known as XVigil; shows that a total number of 20 unclassified documents were leaked. Further information obtained during the threat actor profiling, shows how long since the attack has been active, reputation, current status, and other information as shown in the image below.

                   Threat actor profiling data, from CloudSEK official website.

How the threat actors obtained access is quite unknown at the moment, however, research from CloudSEK indicates that the attack might have been a success, from obtained stolen credentials.

In a statement issued by CloudSEK

“With low confidence and no direct proof, we assess that the credentials for the compromised user account may have likely been sourced from stealer logs.”

The group is also known to be responsible for countless number of cyber-breach, and leaking of sensitive data of 6-states in the United States, which they claimed to be as a result on the attacks regarding gender affirming care (shown in the image below) by the legislatives.


Information about the hack from the threat group to the United States. 

Other attacks that have been conducted by the threat group includes: attacks on anti-abortion states, and also the United States Supreme Court rulings on abrogating Roe V. Wade last summer.




Put your comments below in the comment section on your thoughts about this.

Find this article and information helpful? Show some love and support  “Click-Here”
5 1 vote
Article Rating
Notify of
Inline Feedbacks
View all comments