Cyber Incident Victim: OperationLGBT
Date:
May 2016
Location:
United States of America
Summary
Anonymous launched DDoS attacks against North Carolina government websites in protest of the state's anti-LGBT legislation mandating public restroom use based on biological sex. The hacktivist group targeted domains including ncgov.org and governor.state.nc.us, though state officials maintained that operations were unaffected. Social media accounts linked to the campaign, such as @OperationLGBT, issued explicit condemnations alongside hashtags like #OpGayRights and #TangoDown. This action aligned with Anonymous's broader pattern of cyber activism against perceived civil rights threats, including prior attacks on Indiana's anti-LGBT policies and Donald Trump's campaign infrastructure. The group framed the operation as part of ongoing efforts to challenge discriminatory laws through digital disruption.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 2 motives | 1 technique |
| Threat Actor | Type | Location |
|---|---|---|
| 1 actor | Available to members | Available to members |
Description
In May 2016, the hacktivist collective Anonymous initiated a distributed denial-of-service (DDoS) attack against multiple North Carolina government websites in response to the state's passage of House Bill 2, commonly referred to as the 'bathroom law.' This legislation mandated that individuals use public restrooms corresponding to the biological sex listed on their birth certificates, drawing widespread condemnation from civil rights groups. The attacks targeted critical state domains including ncgov.org, governor.state.nc.us, and northcarolina.gov, with operational disruption commencing around May 14, 2016. Anonymous framed the campaign—designated #OpLGBT or #OpGayRights—as retaliation against perceived discrimination targeting the LGBTQ+ community. State officials acknowledged the cyber assaults but maintained that essential government operations continued without significant interruption. This incident followed a pattern of similar Anonymous operations, including prior attacks against Indiana government systems protesting that state's Religious Freedom Restoration Act in 2015 and disruptions targeting Donald Trump's presidential campaign websites during the same election cycle.
The attacks were publicly claimed through Anonymous-affiliated social media accounts, including @OperationLGBT, which posted explicit messages such as "F— you North Carolina main govt website… making strong anti-gay laws!" alongside the #TangoDown hashtag indicating successful disruption. Tactics mirrored previous Anonymous campaigns against perceived civil rights violations, including the temporary shutdown of adult website xHamster over alleged LGBTQ+ discrimination and attacks on Indiana's 'Right to Life' organization. While North Carolina authorities did not disclose technical details regarding mitigation efforts or service restoration timelines, their public statements emphasized operational continuity despite the attacks. The incident highlighted Anonymous' continued use of direct cyber action to oppose legislation they viewed as discriminatory, extending a multi-year pattern of digital activism focused on LGBTQ+ rights, anti-corruption efforts, and other social justice causes.