A self-described security researcher operating under the pseudonym Martha Root has breached and exposed thousands of user profiles from a WordPress hosted white supremacist dating website, WhiteDate and two associated platforms, WhiteChild and WhiteDeal.
The incident was discussed during the 39th Chaos Communication Congress (CCC) in Hamburg in late December 2025, and has since drawn both praise and controversy across cybersecurity and political circles.
Root, whose identity remains unknown, published the leaked data on a site she created called okstupid.lol, a play on mainstream dating service OkCupid. A subset of user profiles is now browsable via an interactive map, while the full dataset has been archived through Distributed Denial of Secrets (DDoSecrets), a whistleblower platform known for hosting sensitive leaks.
A Quiet Operation, Then a Public Reveal
The operation, according to reports Root, involved herself infiltrating the WhiteDate platform and quietly extracting detailed information from user profiles. She also deployed a custom-built AI chatbot to engage with users and gather data more efficiently, effectively automating social engineering at scale. The goal was to “gather as much data as possible before the site went offline or noticed,” Root said.
As seen by Hackread.com, more than 8,000 user profiles and roughly 100 GB of data were extracted. The leaked dataset contains highly detailed personal information, including:
The breach appears to have exposed:
- Over 8,000 user profiles
- Profile photos, bios, and declared beliefs
- Internal communications and admin-level data
- Information possibly linking users to other accounts
- Metadata from uploaded images, some containing GPS coordinates.
In her CCC talk, Root reportedly demonstrated how some users reused usernames or email patterns, allowing connections to profiles on mainstream social platforms or previous leaks.
A video of her CCC presentation is now available online, confirming that the onstage demonstration, including the moment she deleted the main WhiteDate website – all this, while she wore a pink Power Ranger costume during the presentation.
Imagine calling yourselves the “master race” but forgetting to secure your own website —maybe try mastering to host WordPress before world domination.
Martha Root
Target: WhiteDate and Ideology-Motivated Infrastructure
WhiteDate, which claimed to be a “dating platform for white people with traditional European values,” was explicitly built around white nationalist and ethnonationalist ideologies. The site marketed itself as a “counter to woke culture” and used far-right imagery and talking points in its branding.
WhiteDate’s own servers reportedly failed to properly secure user information or restrict bot activity. Root exploited those vulnerabilities to access the underlying infrastructure and map out user data with minimal resistance. She also claims to have identified the site’s owner and administrative team, though those details have not been published.
Two additional far-right platforms, AryanDate and NationalistConnect, were also caught up in the data scraping, though it’s unclear whether Root’s method of access was the same for each.
Publishing the Data: okstupid.lol and DDoSecrets
Root created okstupid.lol as a satirical front-end to the leak, letting anyone view sanitized versions of the profiles with photo redactions and pseudonyms. However, the full unredacted dataset has been handed over to DDoSecrets, a group that has published troves of leaked content over the years including police documents, fascist group chat logs, and financial data from authoritarian regimes.
Watch Martha Root’s as she explains the hack:
Legal and Social Fallout
There has been no formal response from the owners of WhiteDate. The site’s domain went offline shortly after the CCC event and remains down with “nginx - 404 Not Found” error message as of this writing. It is not known whether legal action is being pursued, though Root’s anonymity and the site’s ideological nature may limit options for recourse.
In Germany, where the CCC took place and where hate speech and extremist content are prosecuted more aggressively than in many other countries, the online reaction to the leak has been largely supportive across activist and antifascist circles.
Who Is Martha Root?
The name Martha Root is itself a historical reference, a nod to an early 20th-century peace activist and writer. This alias is part of a pattern among some modern-day infosec figures who adopt names of past radicals or subversives as symbolic identities.
Nevertheless, little is known about Root other than her technical capability and antifascist intent. The CCC presentation focused on methods and outcomes, not identity. As a result, the data is out, the site is gone, and the fallout is ongoing.