StopICE Data Breach Sent Names And Locations of 100,000 Users to The US Government
The anti-ICE activist app and website StopICE has reportedly suffered a major security breach, exposing the personal information of more than 100,000 users to US federal agencies, including the FBI, ICE and HSI. Hackers said they accessed names, logins, passwords, phone numbers and GPS coordinates, and sent the data directly to authorities. One of the app's key organisers, Sherman Austin, allegedly failed to inform users of the breach despite having the opportunity to do so.StopICE Breach DetailsAccording to social media posts and discussion threads on Reddit, the StopICE hackers delivered sensitive data from the app to multiple federal agencies. The exposed information reportedly includes full names, user credentials, phone numbers and precise location data for more than 100,000 registered users. One post indicated that the breach involved detailed GPS coordinates, potentially identifying activists' residences or frequent locations.
Users and security analysts have expressed alarm at the scale and specificity of the data compromised. Exposed login information could allow malicious actors or law enforcement to track individuals or access other linked accounts, amplifying the risk for people involved in anti-ICE advocacy.Sherman Austin's RoleSherman Martin Austin, a well-known anarchist born on April 10, 1983, has reportedly been identified as a key figure behind the StopICE platform. Austin previously gained notoriety for his involvement in online activism and his prosecution under 18 U.S.C. § 842(p), a federal law against distributing explosive information with the intent to commit violent crime. In 2002, he served one year in federal prison following a plea deal.
Critics argue that Austin's past legal issues and controversial activism put users at additional risk, particularly as he allegedly failed to inform them about the breach promptly. A post about the incident noted that 'Sherman Austin was given time to tell his users of this security breach. Sherman Austin failed his lesson', suggesting a lack of accountability in managing user data.What is StopICE for?StopICE(dot)net is a crowdsourced alert platform designed to help people monitor and report US Immigration and Customs Enforcement (ICE) activity, particularly raids and enforcement operations, across the country. The site calls itself the Stop ICE Raids Alert Network, a nationwide mobile alert system where users can submit and receive real‑time information about suspected ICE presence, including vehicle sightings, licence plates, timestamps and locations.Users can send alerts via text or through the website, and view a live map of recent reports submitted by the community. The platform aims to give vulnerable communities early warnings about enforcement activity so they can make informed decisions, seek legal aid, or offer support to affected families. It also provides resources like 'Know Your Rights' materials and encourages community engagement rather than direct interference.While the site presents its operations as protected free speech, some independent website trust reviews have flagged StopICE.net as having a low trust score and potential suspicious indicators such as unclear ownership and new domain status.What This Breach Means for Activists and UsersUsers who relied on the platform to organise protests or share information about immigration enforcement may now be exposed to law enforcement. Civil liberties groups have expressed concern that activist communities may be disproportionately affected by security lapses, particularly when dealing with controversial topics like immigration enforcement. They warn that failure to secure and communicate about user data could undermine both trust and participation in digital organising efforts.In response to the breach, StopICE users have been urged to change passwords, monitor linked accounts, and exercise caution in using similar platforms. Federal authorities have not publicly confirmed receipt of the leaked data, and Austin has yet to release a detailed statement addressing the breach.
