I know we disagree on a great deal politically, but I think we share the same concern here: protecting people’s personal data. I do not want to see anyone’s PII exposed, regardless of affiliation.

I’ve reported on several cybersecurity incidents involving activist organizations: all were fundamental failures in access control and data protection. In StopICE's case, Sherman Austin publicly denied that any breach had occurred. As a result, many affected users never rotated their passwords despite an exposure affecting roughly 100,000 accounts.

Unfortunately, this kind of security posture is not unusual among activist-operated platforms today.