A dramatic act of hacktivism unfolded last week at one of Europe’s most prominent cybersecurity gatherings when a pseudonymous hacker remotely erased three white supremacist websites during a live, onstage presentation. The takedown occurred in real time before an audience of technologists, researchers, and activists, and days later, the targeted platforms remain inaccessible.
The incident took place at the annual Chaos Communication Congress (CCC) in Hamburg, Germany, a long-running event known for spotlighting digital rights, surveillance, hacking culture, and online security failures. The hacker, known by the alias “Martha Root,” concluded a presentation by deleting the servers hosting the extremist platforms, effectively knocking them offline in front of the crowd.
Adding to the spectacle, Root appeared onstage wearing a Pink Ranger costume, an intentional visual contrast that highlighted both the theatrical and political nature of the act.
Platforms That Served the White Nationalist Ecosystem
The three erased websites—WhiteDate, WhiteChild, and WhiteDeal—were part of a loosely connected ecosystem catering to white supremacist communities online.
WhiteDate operated as a dating site exclusively for white nationalists, promoting racially segregated relationships. WhiteChild claimed to connect white supremacist sperm and egg donors, pushing ideas tied to racial purity and eugenics. WhiteDeal functioned as a racially restricted gig-style marketplace where users could seek or offer services within an explicitly racist framework.
Each platform targeted a different aspect of daily life—relationships, reproduction, and employment—reflecting how extremist ideologies attempt to normalize themselves through ordinary digital services. Since the live takedown, none of the websites have reappeared, and visitors are met with inactive pages or error messages.
Journalism and Hacktivism Intersect on Stage
Root did not act alone. The presentation was delivered alongside investigative journalists Eva Hoffmann and Christian Fuchs, both known for reporting on far-right movements and digital extremism in Europe. The two journalists previously co-authored an investigation into the three websites for the German newspaper Die Zeit, published in October.
That reporting examined how extremist platforms often rely on amateur infrastructure and minimal security despite promoting ideologies centered on strength, discipline, and superiority. The CCC presentation built on that reporting by showing, live, how fragile those systems were in practice.
The decision to delete the servers publicly was framed as a demonstration of how easily such networks can collapse when exposed to even basic scrutiny.
Administrator Acknowledges the Attack
Shortly after the incident, the administrator behind the three websites confirmed that the platforms had been remotely deleted. In public posts on social media, the administrator condemned the action and suggested that consequences would follow.
The administrator also claimed that their social media account on X was briefly taken down during the incident before later being restored. These claims have not been independently verified, and no evidence has emerged that the administrator had reliable backups or a clear recovery plan in place.
As of now, the platforms remain offline, and there is no indication of when—or if—they will return.
Public User Data Exposed Before Deletion
In addition to wiping the servers, Root said they accessed and archived publicly available data from WhiteDate prior to taking the site down. According to the hacker, the platform suffered from severe security weaknesses that left user information exposed.
The collected data reportedly includes user profiles containing names, photographs, ages, self-written descriptions, and location details. In some cases, image metadata allegedly contained precise geographic coordinates, potentially revealing exact locations. Other profile fields included self-identified race, gender, language, and additional personal details voluntarily submitted by users.
While Root stated that the dataset does not currently include email addresses, passwords, or private messages, cybersecurity experts warn that aggregated public data can still pose serious risks, particularly when tied to extremist networks.
Thousands of Accounts Impacted
Based on the archived data, WhiteDate reportedly had more than 6,500 registered users at the time of the breach. The dataset suggests a heavily skewed user base, with the majority identifying as male and a significantly smaller proportion identifying as female.
Researchers who study online extremism say such imbalances are common on ideologically driven dating platforms, many of which struggle to attract diverse participation despite their emphasis on traditional family structures and reproduction.
The scale of the user base highlights how even niche extremist platforms can quietly accumulate thousands of participants when left unchecked.
AI Tools Used to Bypass Safeguards
One of the more striking technical details revealed during the CCC talk involved the use of artificial intelligence. Root said AI-powered chatbots were used to bypass verification systems on the sites, including checks intended to confirm users’ racial identity.
The success of these automated tools underscored how superficial and easily manipulated the platforms’ safeguards were. Experts attending the conference noted that such vulnerabilities are increasingly common, especially on fringe platforms that lack professional security oversight and rely on basic moderation systems.
DDoSecrets Takes Custody of the Dataset
The nonprofit transparency group DDoSecrets later confirmed that it had received files and user information linked to all three websites. The organization, which archives leaked data for public-interest research, is referring to the collection as “WhiteLeaks.”
Rather than publishing the data openly, DDoSecrets said it will restrict access to vetted journalists and researchers. The group cited ethical concerns and the importance of preventing further harm while allowing qualified investigators to study extremist networks and infrastructure.
During the presentation, Root and the accompanying journalists said they had identified the individual believed to be operating the websites as a woman based in Germany. No name was made public, and the claim has not been independently confirmed.
German authorities have not publicly commented on whether any investigation is underway related to the hack, the leaked data, or the operation of the extremist platforms themselves.
