A security researcher known by the pseudonym Martha Root has successfully breached a WordPress-hosted dating site catering to white supremacists, named WhiteDate, along with its associated platforms, WhiteChild and WhiteDeal. This breach has led to the exposure of thousands of user profiles, igniting discussions in cybersecurity and political spheres following a presentation at the 39th Chaos Communication Congress (CCC) held in Hamburg in December 2025.
Root, whose true identity remains undisclosed, revealed the compromised data on a site she established called okstupid.lol, a satirical take on the popular dating service OkCupid. An interactive map now allows users to browse a subset of the exposed profiles, while the complete dataset has been archived by the whistleblower organization Distributed Denial of Secrets (DDoSecrets), known for hosting sensitive leaks.
A Quiet Operation, Then a Public Reveal
Reports indicate that Root infiltrated the WhiteDate platform to extract valuable user information discreetly. This operation included the use of a custom AI chatbot designed to facilitate user interaction and data gathering, essentially automating social engineering tactics. Root’s objective was to compile as much information as possible before the site could take action or collapse under scrutiny.
Evidence suggests that the breach inundated Root with over 8,000 user profiles, encompassing around 100 GB of sensitive data. This leaked dataset consists of intricate personal details, including profile images, bios, expressed beliefs, internal communications, and potentially linking users to additional accounts. Some metadata from uploaded images also contained GPS coordinates.
During her presentation at the CCC, Root demonstrated how some users displayed repeated patterns in usernames and emails, which facilitated connections to profiles on mainstream social media platforms and previous compromised datasets. A recording of her demonstration is now accessible online, which notably includes the moment she deleted the main WhiteDate website while clad in a pink Power Ranger costume.
Imagine calling yourselves the “master race” but forgetting to secure your own website — maybe try mastering to host WordPress before world domination.
Martha Root
Target: WhiteDate and Ideology-Motivated Infrastructure
WhiteDate presented itself as a dating service for individuals who uphold “traditional European values,” and was rooted in white nationalist and ethnonationalist ideologies. The platform positioned itself as a countermeasure to mainstream progressive culture, employing far-right iconography and language in its branding.
Reportedly, WhiteDate’s infrastructure lacked adequate security measures to protect user data or restrict automated bot activities. Root capitalized on these vulnerabilities, allowing her to navigate the underlying framework with minimal opposition. She also maintained she uncovered the identities of the site’s owner and administrative team, although this information has not been disclosed publicly.
In addition to WhiteDate, two other far-right platforms, AryanDate and NationalistConnect, were involved in the data scrapes, although it remains uncertain if Root employed the same methods across different sites.
Publishing the Data: okstupid.lol and DDoSecrets
Root established okstupid.lol as a satirical interface for viewing curated profiles, offering redacted images and pseudonyms for users to browse. In contrast, the comprehensive, unredacted dataset has been entrusted to DDoSecrets, which has a history of publishing sensitive materials across various domains, including police records and extremist communication logs.
Watch Martha Root explain her hacking methodology:
Legal and Social Fallout
As of this writing, there has been no formal acknowledgment from the operators of WhiteDate. The platform’s domain became inactive shortly after the CCC event, displaying a “404 Not Found” error. Whether any legal action will be pursued remains uncertain, especially considering Root’s anonymity and the ideological motivations behind the site, which may restrict potential legal recourse.
In Germany, home to the CCC and a country with stringent laws against hate speech and extremist content, the reaction to the breach has largely been supportive, particularly among activist and antifascist groups.
Who Is Martha Root?
The pseudonym Martha Root references a historical figure known for her peace activism in the early 20th century. This alias aligns with a trend among contemporary cybersecurity professionals who adopt the names of radical or subversive historical figures as symbolic identities.
Despite her notable technical skills and antifascist motivations, little is known about Root beyond her actions. The CCC presentation concentrated on tactical methods and the breach’s outcomes rather than her identity. Consequently, the data is public, the site has vanished, and the repercussions continue to evolve.
