Pink Ranger’s Retribution: The Martha Root White Supremacist Hack 2026
Hacktivist Martha Root wiped three white supremacist sites live at CCC 2026. Explore how AI chatbots and poor security led to a 100GB data leak of extremist profiles.
A hacktivist dressed as a Pink Ranger deleted three white supremacist websites live on stage during a cybersecurity conference last week. At the annual Chaos Communication Congress (CCC) in Hamburg, the pseudonymous hacker known as Martha Root remotely wiped the servers of WhiteDate, WhiteChild, and WhiteDeal in real-time, sparking cheers from the audience.
Inside the Martha Root White Supremacist Hack
The targets of the operation were hubs for extremist ideology. WhiteDate was described as a dating app for racists, while WhiteChild focused on matching white supremacist genetic donors. Following the live wipe, the websites' administrator took to social media to label the act "cyberterrorism" and promised legal repercussions. However, as of January 5, 2026, all three platforms remain offline and inaccessible to their users.
Exploiting Poor Security with AI Chatbots
Root revealed that the infiltration was made possible by embarrassingly poor security hygiene. The hacker utilized AI chatbots to bypass verification processes and scrape user data. A significant discovery included precise geolocation metadata embedded in user-uploaded images, which effectively revealed the home addresses of over 6,500 users. Root mocked the "master race" narrative, noting that the group failed to master basic WordPress security before attempting world domination.
A 100GB Treasure Trove for Researchers
The impact extends beyond the website shutdowns. The non-profit collective DDoSecrets has received a dataset totaling 100GB, dubbed "WhiteLeaks." This data includes names, precise coordinates, and racial profiles of the users. Rather than a public dump, the collective is restricting access to verified journalists and researchers to ensure the data is used to expose extremist networks without causing unintended collateral harm.
This content is AI-generated based on source articles. While we strive for accuracy, errors may occur. We recommend verifying with the original source.
Related Articles
Google's Project Zero proved Pixel modem firmware can be remotely exploited. The fix for Pixel 10? Rust. Here's why that matters—and why the rest of the industry is watching.
Booking.com confirmed a data breach exposing names, emails, addresses, phone numbers, and booking details. Hackers are already using the data for phishing attacks.
The Trump administration is battling Anthropic in court while simultaneously urging Wall Street banks to test its Mythos AI model. What does this contradiction reveal about US AI policy?
Two class action lawsuits allege LinkedIn secretly scanned users' browsers to identify installed extensions. Here's what happened, who's behind it, and why it matters.
Google's Project Zero proved Pixel modem firmware can be remotely exploited. The fix for Pixel 10? Rust. Here's why that matters—and why the rest of the industry is watching.
Booking.com confirmed a data breach exposing names, emails, addresses, phone numbers, and booking details. Hackers are already using the data for phishing attacks.
The Trump administration is battling Anthropic in court while simultaneously urging Wall Street banks to test its Mythos AI model. What does this contradiction reveal about US AI policy?
Two class action lawsuits allege LinkedIn secretly scanned users' browsers to identify installed extensions. Here's what happened, who's behind it, and why it matters.
Thoughts
Share your thoughts on this article
Sign in to join the conversation