05.01.2026
2 min
385
Approximately 100GB of sensitive data covering more than 8,000 user profiles has been leaked from the white supremacist dating platform WhiteDate. The breach also affects related platforms WhiteChild and WhiteDeal, with the dataset — dubbed “WhiteLeaks” — shared with journalists and researchers via DDoSecrets.
According to an investigative journalist operating under the pseudonym Martha Root, the platforms suffered from extremely poor cybersecurity practices. No sophisticated hacking techniques were required to extract the data — a simple URL manipulation allowed the full user database to be downloaded.
The exposed information includes usernames, age, gender, location, activity history, education, income range, religious views, marital status, and even self-reported IQ. Particularly sensitive are profile photos containing EXIF metadata, revealing precise GPS coordinates, timestamps, and device details, effectively exposing users’ real-world locations.
WhiteDate, WhiteChild, and WhiteDeal were operated by a single far-right extremist based in Germany and marketed as dating, family, and professional networking platforms for individuals with racist ideologies. Over several months, the researcher used LLM-powered chatbots to create convincing fake accounts that passed verification and interacted with real users.
The findings were presented at the Chaos Communication Congress, where journalists described WhiteDate as a “Tinder for Nazis.” While private messages and emails have not been publicly released, the full dataset is available to vetted researchers and media outlets.
The WhiteDate breach highlights how ideologically driven platforms combined with poor security hygiene can lead to large-scale exposure of sensitive personal data. Even closed extremist communities are vulnerable to basic technical flaws, with real-world consequences for user privacy and safety.
