A data dump of what appears to be the email addresses and passwords of members of the Gates Foundation, World Health Organization (WHO), Center for Disease Control and Prevention (CDC), and a virology center based in Wuhan, China, is circulating within a network of neo-Nazi extremists.
Though people on social media are claiming that this indicates the Gates Foundation was hacked, based on what Motherboard has seen there is nothing to indicate that is the case, nor is there anything to indicate that the passwords are valid, current, or are even credentials to log-in to Gates Foundation or WHO accounts.
The data dump and circulation appears to be an attempt at intimidating several of the leading government and non-governmental groups currently leading the fight against the worldwide coronavirus pandemic, though it's likely many of the emails and passwords are outdated.
Judging specifically from a list of the data obtained by Motherboard, it appears like this may be an aggregation of previously-hacked usernames and passwords that was compiled from previous data breaches of various companies, though Motherboard cannot say for sure at the moment where the list comes from and how it was compiled. Motherboard ran a series of the email addresses through the website haveibeenpwned.com, which compiles data breaches, and found that each of the addresses we tested have previously been part of known data breaches. Many of them were also confirmed by the site to have been circulated in large aggregated lists of usernames and passwords tracked by the site.
If these are from previous data breaches, that means the credentials being traded would be for sites unrelated to their jobs—they would be logins for sites that were hacked, not for any internal WHO or Gates Foundation systems, and would not work unless the people affected were reusing their passwords.
In recent weeks, far-right extremists have become particularly enamoured with sowing disinformation about the COVID-19 pandemic, stoking protests and anti government sentiment in hopes of creating social chaos. Many experts have openly warned that “accelerationists”—followers of violent political doctrine calling for terrorist actions to hasten the collapse of society—have seen an opportunity in the current pandemic to test already weakened governments that are struggling to contain the virus.
Chatter discussing the data dump first appeared on the shitposting site 9chan—one of the many iterations of infamous anonymous posting boards—Monday night, it then spread to various social media platforms.
SITE Intelligence, a private terrorism watchdog based in the U.S., first spotted the data dump and then its migration to a Telegram channel with over 5,000 followers and links to neo-Nazi terrorist organizations Atomwaffen Division and The Base, both of which have been under an extreme, nationwide FBI crackdown in recent months.
“Far-right extremists’ distribution of allegedly hacked data by organizations like WHO and the Gates Foundation is fitting to how they’ve targeted medical organizations and personnel amid the pandemic,” said executive director Rita Katz. “Whether out of accelerationist or conspiratorial-minded motivations, white supremacists and Neo-Nazis have called to vandalize hospitals, intentionally infect medical workers, and beyond.”
Katz explained that the hacked data could lead to continued conspiracy theories proliferating about the pandemic, and the potential for violent actors to act on those fictitious and dangerous theories.
“Far-right communities online have an enormous capacity to disseminate this hacked data, especially as their audience grow amid this pandemic,” Katz said.
Update: This post has been updated to include that the list of emails and passwords is now circulating widely on social media.