SiegedSec was led by an individual under the alias "vio".[9] Short for "Sieged Security",[10][11][12] SiegedSec's Telegram channel was first created in April 2022,[13] and they commonly referred to themselves as "gay furry hackers".[14][15] SiegedSec has targeted a wide variety of organisations, ranging from intergovernmental organisations like NATO[3][4] and federal research facilities like the Idaho National Laboratory[1][2] to right-wing movements like The Heritage Foundation[16][17] and Real America's Voice,[18] and various U.S. states that have pursued legislative decisions against gender-affirming care.[19]
On February 14, 2023, major Australian software provider Atlassian had its data leaked on the internet by SiegedSec using stolen employee credentials. 13,000 employee records were affected in this hack, and SiegedSec was also able to obtain floorplans for Atlassian offices.[20]
In June 2023, SiegedSec targeted several United States government entities to protest anti–gender-affirming-care bills. The hackers released a variety of data including data from the Government of Fort Worth Texas, The Nebraska Supreme Court, and South Carolina police files.[19]
In April and May 2024, SiegedSec began their second trans rights operation, #OpTransRights2. The hackers successfully targeted and leaked data from Real America's Voice[6][7] and River Valley Church.[21]
In July 2023, SiegedSec sent a series of spoof emails to undergraduate University of Connecticut students using LISTSERV, falsely announcing the "Unfortunate Passing of Radenka Maric". During an interview with the Hartford Courant, "vio" claimed responsibility for the incident, explained the vulnerability which allowed for them to perform the hack, and said that they "did it for the lulz".[9]
In 2023, NATO portals were compromised twice by SiegedSec. The leak totalled over 3000 internal documents.[22][3][4][5] The portals compromised were Joint Advanced Distributed Learning, NATO Lessons Learned Portal, Logistics Network Portal, Communities of Interest Cooperation Portal, NATO Investment Division Portal, and NATO Standardization Office.[23] Shortly after the incident, NATO announced that they would be investigating the attack.[24][25]
On October 30, 2023, SiegedSec attacked Bezeq, one of the largest Israeli telecommunication providers. The hackers released information on nearly 50,000 customers.[26]
In November 2023, Idaho National Laboratory's Oracle HR system was compromised leading to the leaking of personal employee data,[27] with the group demanding that the laboratory put research into "creating real-life catgirls" in exchange for the data to be removed.[11] On February 7, 2024, a number of employees received ransom payment requests in the mail with their data.[28]
In July 2024, SiegedSec announced that they had breached and leaked data from conservative think tank The Heritage Foundation, which has led the Project 2025 proposals. They released a statement on Telegram, calling the proposals "an authoritarian Christian nationalist plan to reform the United States government."[15] A Heritage spokesperson dismissed the attacks as "a false narrative and an exaggeration", stating that all databases, systems and websites remained secure.[29][30] The hacking group released chatlogs of a conversation on Signal between "vio" and Heritage Foundation executive Mike Howell, in which Howell stated that he, in collaboration with the FBI, was "in the process of identifying and outting [sic] members of your group."
After releasing the Heritage Foundation chatlogs, SiegedSec announced that they would be disbanding "for our own mental health, the stress of mass publicity, and to avoid the eye of the FBI."[31]