Anti-ICE Site GTFO ICE Accused of Exposing Data of 17,000+ Activists

Summary

GTFO ICE, an anti-immigration detention advocacy platform linked to former DHS official Miles Taylor, exposed the personal details of 17,662 activists including names, emails, phone numbers, and ZIP codes through a completely unprotected REST API with no authentication or rate limiting. The vulnerability was discovered in May 2026 and reportedly remained open for at least 12 hours despite warnings, with concerns that the data may have been shared with federal agencies including the FBI, HSI, and ICE. The site was subsequently taken offline for a security review.

Full text

Security Leaks PrivacyAnti-ICE Site GTFO ICE Accused of Exposing Data of 17,000+ Activists An anti-ICE website, GTFO ICE, linked to Miles Taylor, is accused of exposing the personal details of 17,662 activists, sparking concerns that the data may have reached government agencies. byDeeba AhmedMay 5, 20262 minute read Miles Taylor, a former Department of Homeland Security Chief of Staff and former Google security executive, is at the centre of a major data exposure-related controversy. His new project, GTFO ICE, was launched just a couple of weeks ago with a media appearance on The Rachel Maddow Show. The platform, found at GTFOICE.org, was meant to be a tool for people to organise against immigration detention centres. However, it allegedly failed to protect the personal details of every person who signed up. For context, GTFO ICE (“Get The Facilities Out”) is a rapid-response network and advocacy tool launched in April 2026. It enables users to identify, track, and protest proposed Immigration and Customs Enforcement (ICE) detention facilities in their communities, aiming to “crowd cancel” them. The REST API Exposure According to researchers, the site was using a public REST API that was completely unprotected. For your information, REST API allows a website to send and receive information from a database. In simple terms, the website’s database was connected to the internet without a password or any authentication to block unauthorized users. Another issue is that the site lacked rate limiting, which basically stops a single user from making thousands of requests at once. In its absence, any hacker or other threat actor could download the entire list of users in seconds, including names, email addresses, phone numbers, ZIP codes, and signup timestamps for 17,662 people. Timeline of the Exposure The issue got noticed around May 2026 when a group called Hagerstown Rapid Response tested the site using phone numbers in Maryland and Utah. They didn’t get a confirmation, but a few days later, they received a text message claiming that the user data from GTFO ICE had already been sent to federal agencies, including the FBI, HSI, and ICE. An X (formerly Twitter) user known as @DataRepublican reportedly notified Taylor about the vulnerability. Despite this warning, the API allegedly remained open for at least 12 hours. Shortly after, the website owners put up a notice saying they were doing a security review. The site was then replaced with an ‘under construction’ page. @DataRepublican on X sharing their findings along with a screenshot from the allegedly exposed records This incident has caused a massive wave of concern on the social media site Bluesky, where many of the activists who signed up were coordinating. These users trusted the platform because of Taylor’s high-level background in national security. Taylor, who became famous for writing an anonymous ‘Resistance article during the Trump administration, had his security clearance suspended in 2025 for other conduct issues. Earlier today, the GTFO ICE website displayed a maintenance notice. At the time of writing, it shows a message stating: “This app isn’t live yet. We couldn’t find a Replit app at this address. If you’re the owner, publish your app to make it reachable.” This story is developing; stay tuned. Deeba Ahmed Deeba is a veteran cybersecurity reporter at Hackread.com with over a decade of experience covering cybercrime, vulnerabilities, and security events. Her expertise and in-depth analysis make her a key contributor to the platform’s trusted coverage. Waqas I am a UK-based cybersecurity journalist with a passion for covering the latest happenings in cybersecurity and tech world. I am also into gaming, reading and investigative journalism. Cybersecuritydata breachGTFO ICEICELEAKSMiles TaylorPrivacyVulnerability Leave a Reply Cancel reply View Comments (0) Related Posts Security Locating malicious drone operators through deep neural networks Researchers at Ben Gurion University have developed a technique... byZara Khan Hacking News Malware Security Avanti Markets’ kiosks hacked; credit card, biometric data stolen The self-service kiosks of Avanti Markets were recently hacked with criminals stealing customer information which included credit card… byJahanzaib Hassan Security Android Malware HummingWhale Malware infected Android Apps Downloaded Millions of Times CheckPoint security firm has detected a presence of the notorious HummingWhale malware in 20 Android apps, which are quite… byWaqas Security Malware Say Hello to Ransomware Targeting Smart TV FLocker malware was once found targeting Android smartphones but its new variant is even locking up Android Smart TV!… byWaqas

Indicators of Compromise

• domain — GTFOICE.org
• url — https://GTFOICE.org

Entities