Parts of this article (those related to 2023) need to be updated. The reason given is: nothing on 2023 leaks. Please help update this article to reflect recent events or newly available information.(September 2023)
Distributed Denial of Secrets, abbreviated DDoSecrets, is a
non-profitwhistleblower site founded in 2018 for
news leaks.[2][3][4][5][6] The site is a frequent source for other news outlets and has worked on investigations including
Cyprus Confidential[7][8] with other media organisations.[6][9] In December 2023, the organisation said it had published over 100 million files from 59 countries.[10][11]
Distributed Denial of Secrets was founded by
Emma Best, an American national security reporter known for filing prolific
freedom of information requests, and another member of the group known as The Architect. According to Best, The Architect, who they already knew, approached them and expressed their desire to see a new platform for leaked and hacked materials, along with other relevant datasets. The Architect provided the initial technical expertise for the project.[6] At its public launch in December 2018, the site held more than 1 terabyte of data from many of the highest-profile leaks. The site originally considered making all of the data public, but after feedback made some of it available only to journalists and researchers.[23]
Best has served as a public face of the group, which lists its members.[24] In February 2019, they told Columbia Journalism Review there were fewer than 20 people working on the project. According to Best, several early members of the project were driven to radical transparency work by their past background with the state, which they compared to
Chelsea Manning and other whistleblowers. In the February 2019 interview Best said, “Those associations all ended well prior to DDoSecrets coming together and were internally disclosed early on.”[6] In April 2021, their website listed 10 members and advisors.[24]
In 2019, the
Congressional Research Service recognized Distributed Denial of Secrets as a transparency collective.[29] In December 2019, politicians in Sweden and the UK, including anti-corruption chief
John Penrose said that leaks published by Distributed Denial of Secrets showed the need for reforms on company creation and registration.[41][42] That month,
Belgian tax authorities initiated an investigation based on data published by DDoSecrets the prior month.[43]
In 2020, the U.S. counterintelligence strategy described leaktivists and public disclosure organizations like Distributed Denial of Secrets as “significant threats,” alongside five countries, three terrorist groups, and “transnational criminal organizations.”[14][44] A June 2020 bulletin created by the
Department of Homeland Security's Office of Intelligence and Analysis erroneously[45] described them as a "criminal hacker group". Elements of the report were challenged as inaccurate by media such as The Verge.[46] On 3 July, German authorities seized a public server used by Distributed Denial of Secrets[47][48] at the request of the US government.[49][9] The same month, the
Internal Revenue Service (IRS) recognized the group as a 501(c)(3)
non-profit.[2]
In 2021, legislators in Maine introduced a bill to close the state's
fusion center in response to
BlueLeaks and whistleblower reports.[50]
In 2022, law enforcement agencies in
New York,
New Jersey,
Washington and
Oregon launched investigations into officers who appeared in the leaked Oath Keepers records published by DDoSecrets.[51]
In June 2020, the organisation was banned from Twitter[57][58] in response to
BlueLeaks, citing a breach of their policies against "distribution of hacked material"[59] in a move that was criticized as setting a "dangerous precedent."[60] In September 2023,
The Intercept reported that access to the organization's website was blocked by
Indonesia and
Russia and censored by
Twitter and
Reddit.[61][45]
As of April 2022[update], the site hosts dozens of
terabytes of data from over 200 organizations.[62][63] In December 2023, the organisation said it had published over 100 million files from 59 countries.[10][11]
2018
In December 2018, DDoSecrets listed a leak from
Russia's Ministry of Internal Affairs,[64] portions of which detailed the deployment of Russian troops to Ukraine at a time when the Kremlin was denying a military presence there. About half of the material from that leak was published in 2014; the other half emerged in 2016.[65]WikiLeaks reportedly rejected a request to host the full cache of files in 2016,[65] at a time when founder
Julian Assange was focused on exposing
Democratic Party documents passed to WikiLeaks by
Kremlin hackers.[66]
2019
In January 2019, DDoSecrets published hundreds of gigabytes of hacked Russian documents and emails from pro-Kremlin journalists,
oligarchs, and militias.[66]
In November 2019, DDoSecrets published over 2 terabytes of data from the Cayman National Bank and Trust. The files were provided by the hacktivist known as
Phineas Fisher, and included lists of the bank's
politically exposed clients. The leak was used by researchers to study how elites use offshore banking.[67][68][69]
In December 2019, DDoSecrets published "#29 Leaks" in partnership with the
Organized Crime and Corruption Reporting Project and more than 20 outlets in 18 countries.[70] The 450 gigabytes of data came from
Formations House (now The London Office), a "company mill" which registered and operated companies for clients included organized crime groups, state-owned oil companies, and fraudulent banks.[67][71][72] The release was compared to both the
Panama Papers and the
Paradise Papers.[67][71][72]Belgian tax authorities initiated an investigation based on the Cayman bank and Formations House leaks.[73]
In December 2019, DDoSecrets published "PacoLeaks" and "MilicoLeaks": data from
Chilean military police and
military. PacoLeaks revealed police personnel data, extensive police files on activist groups and leaders, and evidence that the police had infiltrated activist groups[74] MilicoLeaks included details on
Chilean army intelligence, including operations, finance and international relations.[75][76]
In 2020, DDoSecrets published a copy of the
Bahamas corporate registry. DDoSecrets partnered with
European Investigative Collaborations and the German
Henri-Nannen-Schule journalism school to create the Tax Evader Radar, a project to review the dataset of almost one million documents.[77] The project exposed the offshore holdings of prominent Germans,[78] the tax activities of
ExxonMobil,[79] as well as offshore business entities belonging to the
DeVos and
Prince families.[80]
In March 2020, DDoSecrets published 156 gigabytes of data hacked from the
Myanmar Investment Commission.[81] The leak also revealed how millions of dollars allegedly flowed from
Mytel subscribers to Myanmar military generals,[82] and exposed business dealings of family members of prominent military leaders.[83]
In April 2020, DDoSecrets published almost 10million messages from more than 100
Discord servers used by
neo-Nazi and
QAnon conspiracy theorist groups.[84] The leaked chats showed threats of violence and attempts to influence the
2018 United States midterm elections.[85]
On June 19, 2020, DDoSecrets released
BlueLeaks, which consisted of 269 gigabytes of internal U.S. law enforcement data obtained from
fusion centers by the hacker collective
Anonymous. DDoSecrets called it the "largest published hack of American law enforcement agencies."[86]Betsy Reed described BlueLeaks as the U.S. law enforcement equivalent to the
Pentagon Papers.[87]
In July 2020, DDoSecrets released documents relating to the United States' case against WikiLeaks founder
Julian Assange. The release also included chat logs and letters between Assange and various sources.[88]
On February 28, DDoSecrets revealed "GabLeaks", a collection of more than 70 gigabytes of data from Gab, including more than 40 million posts, passwords, private messages, and other leaked information. The group said that they would not release the data publicly because it contained a large amount of private and sensitive information, and instead shared the data with select journalists,
social scientists, and researchers.[93]
In April 2021, Distributed Denial of Secrets made donor information from the Christian crowdfunding site
GiveSendGo available to journalists and researchers. The information identified previously anonymous high-dollar donors to far-right actors including members of the
Proud Boys, many of whose fundraising efforts were directly related to the
2021 United States Capitol attack.[94]
Also in April 2021, DDoSecrets published a cache of emails from
Chicago City Hall.[95][96] The emails revealed that the city's handling of fatal shootings by police officers violates state law and a federal consent decree.[97] The emails also exposed the Mayor's secret lobbying for
qualified immunity,[98] a secret drone program funded with off-the-books cash,[99] and the city's problems with police chases and the
George Floyd protests.[100][101]
In May 2021, DDoSecrets republished the leak of
Washington D.C.'s Metropolitan Police Department, including over 90,000 emails. Among other things, the files revealed details of surveillance of right-wing extremists and the response to the 2021 United States Capitol attack.[102][103]
In September 2021, DDoSecrets publicly released emails and chat logs from the American far-right
Oath Keepers organization to the public. They also provided member and donor data to the press. This exposed hundreds of members in law enforcement, over a hundred members with ties to the military and dozens in political office.[104][105][106]
In February 2022, after many anonymous donors supported the
2022 Freedom Convoy, DDoSecrets began providing journalists and researchers with a hacked list of donors' personal information from GiveSendGo. Later that month, GiveSendGo was hacked again, exposing donors for every campaign in the site's history, which DDoSecrets gave to journalists and researchers.[109]
In May 2022, DDoSecrets published 128,700 emails allegedly associated with a
Hunter Biden laptop that were being circulated by allies of and former staff of President Donald Trump. DDoSecrets said it published the emails "to counteract possible deceptions by persons with an agenda who are currently distributing the dataset without the relevant context or warnings," because there were "considerable issues with this dataset including signs of tampering" and "more than one altered or implanted emails".[110] DDoSecrets also made a copy of the alleged laptop available to journalists and researchers.[22]
During the
Russo-Ukrainian War, DDoSecrets published more than 40 datasets of Russian leaks, totaling at least 5.8 terabytes.[111][112][113] Emma Best estimated that the group had published over six million Russian documents in under two months after the war began.[113]NBC News reported that the site "might be the single best public repository of all the Russian files purportedly leaked since the start of the invasion",[114] and The Intercept wrote that it had become the "de facto home" for Russian leaks.[113]
In September, they published
Fuerzas Represivas, a collection of military documents from Latin America and Mexico totaling more than 13 terabytes, which Emma Best called "the largest leak in history". The leak included the Chilean Joint Chiefs of Staff, the Mexican Ministry of National Defense and the
Joint Command of the Armed Forces of Peru.[115]
In August 2023, DDoSecrets published over 500,000 documents and other files from the
National Police of Paraguay.[126] In October, they published intelligence documents about investigations involving former president of Paraguay
Horacio Cartes.[127] They also published emails and documents from
Ethiopia's Financial Intelligence Service.[128][129]
In November 2023, the
Organized Crime and Corruption Reporting Project joined with more than 40 media partners including
Cerosetenta / 070,[130]Vorágine,[131] the
Centro Latinoamericano de Investigación Periodística (CLIP)[132] and Distributed Denial of Secrets and journalists in 23 countries and territories for the largest investigative project on organized crime to originate in Latin America, producing the '
NarcoFiles' report. The investigation was based on more than seven million emails from the
Colombian prosecutor’s office which had been hacked by
Guacamaya, including correspondence with embassies and authorities around the world. The files dated from 2001-2022 and included audio clips, PDFs, spreadsheets, and calendars.[133][134] The investigation revealed new details about the global drug trade and over 44 tons of "controlled deliveries" carried out to infiltrate the drug trade[135][136] and how criminals corrupt politicians, bankers, accountants, lawyers, law enforcement agents, hackers, logistics experts, and journalists in order to use logistical, financial, and digital infrastructures.[137]
Also in November 2023, the
International Consortium of Investigative Journalists,
Paper Trail Media [
de] and 69 media partners including Distributed Denial of Secrets and the OCCRP and more than 270 journalists in 55 countries and territories[7][8] produced the '
Cyprus Confidential' report on the financial network which supports the regime of
Vladimir Putin, mostly with connections to Cyprus, and showed Cyprus to have strong links with high-up figures in the Kremlin, some of whom have been sanctioned.[138][139] Government officials including Cyprus president
Nikos Christodoulides[53] and European lawmakers[53] began responding to the investigation's findings in less than 24 hours,[52] calling for reforms[53] and launching probes.[54][55][56]
2024
In 2024, DDoSecrets launched the "Greenhouse Project" to preserve censored information and create a "warming effect to reverse the chilling effects of censorship" as part of its broader mission to ensure the free transmission of data in the public interest by making itself a “publisher of last resort”. The first entry in the project was a censored Reuters story that alleged that a hacking-for-hire firm called Appin had stolen secrets from executives, politicians, military officials, and wealthy elites around the globe and supporting documents [45]
^
Andy Greenberg (June 22, 2020).
"Hack Brief: Anonymous Stole and Leaked a Megatrove of Police Documents". Wired magazine.
Archived from the original on June 23, 2020. Retrieved July 20, 2020. 'It's the largest published hack of American law enforcement agencies,' Emma Best, cofounder of DDOSecrets, wrote in a series of text messages. 'It provides the closest inside look at the state, local, and federal agencies tasked with protecting the public, including [the] government response to COVID and the BLM protests.'
^Silverman, Jacob; Haas, Lidija; Haas, Lidija; Smith, Jordan Michael; Smith, Jordan Michael; Segall, Pam; Segall, Pam; Al-Agba, Niran; Al-Agba, Niran (August 18, 2021).
"The New WikiLeaks". The New Republic.
ISSN0028-6583.
Archived from the original on September 13, 2023. Retrieved March 6, 2022.