Cyber Incident Victim: governor.state.nc.us
Date:
May 2016
Location:
United States of America
Summary
Anonymous conducted a DDoS attack targeting North Carolina government websites, including governor.state.nc.us, in protest of the state's controversial legislation restricting restroom access based on biological sex. The hacktivist group disrupted services to oppose perceived anti-LGBT policies, aligning with prior operations against similar laws in other states. While officials maintained that website operations remained unaffected, Anonymous promoted the attack through social media channels using hashtags like #OpGayRights and #TangoDown, framing it as part of their broader cyber activism for civil rights causes. The incident reflected ongoing tensions between digital protest tactics and government policy implementations.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 1 motive | 1 technique |
| Threat Actor | Type | Location |
|---|---|---|
| 1 actor | Available to members | Available to members |
Description
In May 2016, the hacktivist collective Anonymous conducted a distributed denial-of-service (DDoS) attack against multiple North Carolina government websites, including governor.state.nc.us, ncgov.org, and northcarolina.gov. This cyber campaign was a direct response to the state's passage of House Bill 2, commonly known as the "bathroom law," which mandated public restroom usage based on biological sex assigned at birth. The attacks occurred on or around May 14, 2016, as part of Operation Gay Rights (#OpGayRights), with Anonymous targeting digital infrastructure to disrupt government operations and protest legislation they viewed as discriminatory against the LGBT community. Official state representatives acknowledged the cyber assaults but maintained that government website operations continued without significant interruption during the incident. The attack followed Anonymous's established pattern of digital activism against perceived civil rights violations, mirroring previous operations against Indiana's Religious Freedom Restoration Act in 2015 and Donald Trump's presidential campaign websites during the 2015-2016 election cycle.
The operation featured coordinated social media activity through accounts such as @OperationLGBT, which publicly claimed responsibility and posted messages including "F— you North Carolina main govt website... making strong anti-gay laws!" alongside the hashtags #OpGayRights and #TangoDown. This incident represented part of a broader hacktivist campaign that included prior attacks against adult website xHamster for alleged censorship and Indiana's anti-abortion organization Right to Life. While the DDoS attacks temporarily disrupted access to targeted domains, no data breaches or permanent system compromises were reported. The North Carolina government did not disclose specific technical countermeasures taken, but maintained public assurances of operational continuity throughout the incident. Anonymous framed these actions as part of their ongoing digital protest strategy against policies they considered threats to civil liberties, extending beyond LGBT rights to include anti-corruption initiatives and other social justice causes.