A self-described safety researcher working beneath the pseudonym Martha Root has breached and uncovered hundreds of consumer profiles from a WordPress hosted white supremacist relationship web site, WhiteDate and two related platforms, WhiteChild and WhiteDeal.
The incident was mentioned throughout the thirty ninth Chaos Communication Congress (CCC) in Hamburg in late December 2025, and has since drawn each reward and controversy throughout cybersecurity and political circles.
Root, whose id stays unknown, printed the leaked information on a web site she created referred to as okstupid.lol, a play on mainstream relationship service OkCupid. A subset of consumer profiles is now browsable by way of an interactive map, whereas the total dataset has been archived by way of Distributed Denial of Secrets and techniques (DDoSecrets), a whistleblower platform recognized for internet hosting delicate leaks.
A Quiet Operation, Then a Public Reveal
The operation, in accordance with studies Root, concerned herself infiltrating the WhiteDate platform and quietly extracting detailed info from consumer profiles. She additionally deployed a custom-built AI chatbot to interact with customers and collect information extra effectively, successfully automating social engineering at scale. The aim was to “collect as a lot information as doable earlier than the positioning went offline or observed,” Root mentioned.
As seen by Hackread.com, greater than 8,000 consumer profiles and roughly 100 GB of knowledge have been extracted. The leaked dataset accommodates extremely detailed private info, together with:
The breach seems to have uncovered:
- Over 8,000 consumer profiles
- Profile images, bios, and declared beliefs
- Inside communications and admin-level information
- Info probably linking customers to different accounts
- Metadata from uploaded pictures, some containing GPS coordinates.
In her CCC discuss, Root reportedly demonstrated how some customers reused usernames or e-mail patterns, permitting connections to profiles on mainstream social platforms or earlier leaks.
A video of her CCC presentation is now out there on-line, confirming that the onstage demonstration, together with the second she deleted the principle WhiteDate web site – all this, whereas she wore a pink Energy Ranger costume throughout the presentation.
Think about calling yourselves the “grasp race” however forgetting to safe your personal web site —possibly strive mastering to host WordPress earlier than world domination.
Martha Root
Goal: WhiteDate and Ideology-Motivated Infrastructure
WhiteDate, which claimed to be a “relationship platform for white folks with conventional European values,” was explicitly constructed round white nationalist and ethnonationalist ideologies. The location marketed itself as a “counter to woke tradition” and used far-right imagery and speaking factors in its branding.
WhiteDate’s personal servers reportedly did not correctly safe consumer info or prohibit bot exercise. Root exploited these vulnerabilities to entry the underlying infrastructure and map out consumer information with minimal resistance. She additionally claims to have recognized the positioning’s proprietor and administrative workforce, although these particulars haven’t been printed.
Two extra far-right platforms, AryanDate and NationalistConnect, have been additionally caught up within the information scraping, although it’s unclear whether or not Root’s methodology of entry was the identical for every.
Publishing the Information: okstupid.lol and DDoSecrets
Root created okstupid.lol as a satirical front-end to the leak, letting anybody view sanitized variations of the profiles with photograph redactions and pseudonyms. Nonetheless, the total unredacted dataset has been handed over to DDoSecrets, a bunch that has printed troves of leaked content material over time together with police paperwork, fascist group chat logs, and monetary information from authoritarian regimes.
Watch Martha Root’s as she explains the hack:
Authorized and Social Fallout
There was no formal response from the house owners of WhiteDate. The location’s area went offline shortly after the CCC occasion and stays down with “nginx - 404 Not Discovered” error message as of this writing. It’s not recognized whether or not authorized motion is being pursued, although Root’s anonymity and the positioning’s ideological nature could restrict choices for recourse.
In Germany, the place the CCC passed off and the place hate speech and extremist content material are prosecuted extra aggressively than in lots of different nations, the net response to the leak has been largely supportive throughout activist and antifascist circles.
Who Is Martha Root?
The identify Martha Root is itself a historic reference, a nod to an early Twentieth-century peace activist and author. This alias is a part of a sample amongst some modern-day infosec figures who undertake names of previous radicals or subversives as symbolic identities.
Nonetheless, little is understood about Root aside from her technical functionality and antifascist intent. The CCC presentation centered on strategies and outcomes, not id. In consequence, the info is out, the positioning is gone, and the fallout is ongoing.
