Cyber Incident Victim: Bradley Foundation
Date:
Oct 2016
Location:
United States of America
Summary
The Bradley Foundation was compromised by a group identifying as Anonymous Poland, which claimed the hack aimed to expose alleged corruption involving a purported donation to a political campaign. Attackers exfiltrated over 30 GB of sensitive employee data, including contact information, tax records, and internal investment documents, while promoting conspiracy theories about election interference. Initial access reportedly exploited weak administrative credentials ("admin/password"), though the foundation disputed the authenticity of a key document cited by the hackers. Following the breach announcement via social media, which included screenshots of a disputed donation letter, the perpetrators lost network access after security enhancements were implemented by the organization.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 2 motives | 1 technique |
| Threat Actor | Type | Location |
|---|---|---|
| 1 actor | Available to members | Available to members |
Description
On October 29, 2016, the Bradley Foundation suffered a cybersecurity breach perpetrated by the group Anonymous Poland. The attackers publicly announced the hack via Twitter, sharing screenshots of a purported letter alleging the foundation donated $150 million to Hillary Clinton’s presidential campaign. Anonymous Poland claimed the intrusion aimed to expose corruption linked to the Clinton Foundation and influence the U.S. election by discrediting Clinton. Initial access was reportedly gained through compromised administrative credentials using the weak username/password combination "admin/password." The group exfiltrated over 30 gigabytes of sensitive data, including employee contact details, tax records, and internal investment documents. The attackers also promoted geopolitical motives, stating their actions supported Donald Trump’s election to facilitate the return of Ukrainian territories. The foundation’s systems were subsequently secured, cutting off Anonymous Poland’s access shortly after the breach.
The compromised data revealed extensive personal and financial information of Bradley Foundation employees, alongside operational documents. Anonymous Poland disseminated the stolen materials through online platforms, amplifying claims of Clinton campaign financing irregularities. The foundation categorically denied the authenticity of the donation letter cited in the leak, dismissing it as fabricated. The incident fueled broader conspiracy theories about foreign interference in the 2016 election, with DataBreaches.net documenting interactions between the attackers and media outlets. No evidence substantiated the alleged $150 million contribution, and the breach primarily served as a disinformation vehicle. The foundation implemented post-incident security measures but did not disclose specific remediation steps. The attack highlighted vulnerabilities in credential management and the exploitation of geopolitical narratives to manipulate public opinion during electoral processes.