Just four days ago, Project Salt Box’s Michael Wriston and Defiance.org’s Miles Taylor appeared on The Rachel Maddow Show to announce their partnership for the GTFOice website. As Rachel Maddow noted, “They’re calling it a rapid response network to stop ICE prison camps before they start.”

An apparent data breach may have compromised user information submitted to GTFOICE.org, a newly launched platform designed to organize opposition to proposed ICE detention facilities across the United States. The situation is still developing, but early signs point to a serious security failure involving sensitive user data.

GTFOICE.org was launched by Miles Taylor, a former Department of Homeland Security official and self-described “security expert”, who later founded DEFIANCE.org. The site positions itself as a rapid response network that allows users to sign up for alerts about proposed ICE facilities in their communities and mobilize local opposition. Public materials on the site indicate partnerships with Project Salt Box and the Save America Movement, and its landing page describes the effort as a collaboration between those groups and DEFIANCE.org.

From the outset, we were skeptical of the platform. A site collecting personal data tied to political organizing around federal enforcement infrastructure raises obvious concerns, particularly when there is limited transparency about how that information will be stored or protected. We also viewed the project as a potential attempt by the founders of DEFIANCE.org to monetize a vulnerable group of people actively trying to stop ICE facilities in their communities. For that reason, we declined to endorse the site or promote it to the more than 670 members of the Hagerstown Rapid Response Signal group.

Three days ago, we signed up on the platform using multiple email addresses and phone numbers across several locations listed on the site, including Hagerstown and Williamsport, Maryland, as well as Salt Lake City. No confirmation emails or texts were received at the time of signup.

That changed this morning.

One of the phone numbers used during signup received a text message claiming that user data submitted to GTFOICE.org had been forwarded to federal authorities, including the FBI, HSI, and ICE. The message also included inflammatory claims about the individuals behind the project. We responded to the message but received no reply.

Shortly after, the GTFOICE.org website appeared to acknowledge an issue. Around 6 p.m. Eastern, the site displayed a notice stating that signups were temporarily paused while a security review was completed. Within roughly twenty minutes, that message was removed and replaced with a generic “under construction” page.

It remains unclear whether the message received was the result of a confirmed breach, a malicious spoof, or another form of compromise. However, the sequence of events raises serious questions about how user data was handled and whether it may have been exposed.

GTFOICE.org is collecting highly sensitive information from individuals organizing against federal immigration enforcement infrastructure. Any compromise of that data could have significant consequences for those involved.

This website has also recently been promoted on national news networks, likely garnering hundreds - even thousands - of signups from immigration activists across the country. Many of those activists are immigrants themselves, who trusted this website not only to help them push back against ICE locally, but also to protect their information. Instead, it is now possible that these activists and immigrants have had their information shared directly with multiple three-letter agencies who, in 2026, also cannot be fully trusted. Even if the information wasn’t shared, the mere fact that the data was this easy to access by an unknown hacker is cause for serious alarm.

Washington County Indivisible and Hagerstown Rapid Response urge people not to enter their information into this or any other websites until they are fully vetted, clear about their goals and intentions with your personal information, and how they will secure it. It is unacceptable to have compromised the security of so many people who went to GTFOIce to make their communities better, and instead received a gut-punch to their already precarious sense of safety in this political climate.

This is a developing story. We will continue to investigate and provide updates as more information becomes available.

Update May 4, 2026: Nearly 18,000 people have been affected by GTFOice’s apparent data breach. As DataRepublican wrote on Twitter:

17,662 people have signed up.

The sign-up data is exposed on a public REST API. No true authentication. No rate limiting. Full records: names, emails, phone numbers, zip codes, timestamps.

The man who ran the third-largest federal department (250,000 employees, $60 billion budget) who oversaw election security architecture and led counterterrorism operations, then served as Google’s Head of National Security Policy...

...can’t secure a sign-up form. But he does milk hundreds of thousands of NGO dollars on these credentials. While freeloading off his fame as the person who wrote the infamous NYT article “I Am Part of the Resistance Inside the Trump Administration.”

Here’s what this means in plain English: The information people entered when signing up is basically left out in the open online. There are no real protections in place to keep it private. Anyone who knows where to look can access it, and there are no limits to stop someone from pulling large amounts of data. As a result, full personal details like names, email addresses, phone numbers, zip codes, and even when someone signed up can be easily viewed and collected.

Republishing encouraged. Other outlets are encouraged to republish this article, in full or in part, as long as they clearly credit the original authors and link back to the original source.