This is a multi-part interview with the individual known as “Nam3L3ss” who leaked more than 100 databases on a popular hacking forum and will soon be leaking many more. Read the Preface. In this part, we talk about his background and what motivated him to do what he does. In Part 2, we talk about his methods for finding exposed data. In Part 3, we discuss some ethical concerns and the future.
His Background
Dissent Doe (DD): Can you tell us anything about yourself? What is your background?
Nam3L3ss (N): In what I term as my past life, I have held the following titles: Investigator, Information Intelligence Specialist, Business/Corporate Intelligence, and many more.
DD: In a forum post, you stated that the recent Columbus, Ohio breach and the mayor’s actions were a final straw for you that led to you start leaking databases. But when did you first start collecting/downloading data?
N: I have been interested in data for as long as I can recall. I truly began gathering data seriously in 1990 and have persisted with it to this day. For over 34 years, I have dedicated my interest to the meticulous task of using data to verify facts about individuals, companies, and government agencies. This pursuit of clarity and truth has instilled in me a profound appreciation for the integrity that accurate data brings to our understanding of the world.
However, the irony of my endeavor lies in my own existence, or rather, the conspicuous absence of a digital footprint. Despite my extensive experience sifting through information and scrutinizing the veracity of claims, I have intentionally crafted a life devoid of a personal email address or any real identity presence on the web. My decision to remain anonymous is both a personal choice and a philosophical stance. In an age where our lives are increasingly chronicled and shared on digital platforms, I find a sense of liberation in my anonymity.
Instead of pursuing a conventional career, I have chosen the path of entrepreneurship, running my own businesses that allows me to align my work with my personal values and aspirations.
Throughout my career, I have also engaged in various advisory positions, working as a contractor for different entities. Ultimately, my unconventional career path has been driven by a commitment to personal freedom and a belief in the power of entrepreneurship.
DD: So that’s an elegant way of saying you won’t reveal more about your credentials or past experience?
N: In an age where personal information is just a click away, revealing credentials or sharing past experiences can often seem like a necessary step towards building trust or credibility. However, for individuals like me who cherish the sanctuary of anonymity, this act can be perilous. The disclosure of my professional journey, achievements, or even hobbies can unintentionally serve as breadcrumbs, leading others to piece together my real identity. The thrill of anonymity offers a unique freedom; it allows for genuine interactions uncolored by preconceived notions or biases that often accompany a known identity. Living in this protected space not only nurtures my creativity but also shields me from the relentless scrutiny that can come with recognition.
DD: Okay. Can you say what title you would give yourself now for what you are doing on BreachForums?
N: At present, I consider myself a data breach and information watchdog and activist.
DD: That doesn’t seem to tie into entrepreneurship or contract work. What drives you to do this type of thing?
N: I would say that I am driven by a deep conviction that transparency and accountability are fundamental to a healthy society. In an age where data is often viewed as a commodity, the implications of widespread data breaches extend beyond mere financial loss; they touch on issues of privacy, trust, and ethical responsibility.
I feel compelled to spotlight the vulnerabilities that exist within organizations and urge them to adopt more robust cybersecurity measures and ethical data practices. I believe that individuals have the right to know how their personal information is being used and safeguarded. I focus on raising awareness about the consequences of neglecting data security and the pivotal role that whistleblowers and watchdogs play in exposing wrongdoing.
It may sound counterintuitive, but by sharing data breaches and the fallout from doing that, I hope to educate the public on the importance of vigilance when it comes to personal information.
It is not just about reacting to breaches; it’s about advocating for proactive measures that can prevent them from occurring in the first place. The more people understand the risks associated with their digital footprints, the more empowered they will be to demand better protections from those who handle their data.
DD: That sounds somewhat idealistic, and even optimistic. But it really doesn’t sound entrepreneurial at all. Are you financially motivated at all? Do you make any money from this or do you hope to make any money from this?
N: In no way, shape, or form do I profit from sharing the data I have or plan to share. My primary goal in disseminating this information is to foster transparency and promote informed discussions. The financial burden associated with data management is substantial; rather than reaping any monetary gain, I am confronted with the ongoing costs tied to data accumulation and storage. Each month, I find myself allocating approximately $500 USD just to address the expenses related to potential data breaches and leaks.
DD: If you were contacted by someone — someone from the government or maybe some master criminal — and they offered you $1 million for all the data you have right now, even without cleaning it up, would you sell it to them? If not, what price, if any, would convince you to sell?
N: As stated earlier, I do not do this to make money. If I was trying to make money, I could simply sell the cleaned databases in the hackers’ marketplaces. But I have never considered selling my data. Selling it crosses the line for me, and I think selling it might in fact be illegal (not sure on this). But flat answer is, NO.
“The Last Straw”
DD: In your forum manifesto, you said that your motivation was simple: “The last Straw came for me when Andy Ginther, mayor of Columbus, Ohio decided to sue Connor Goodwolf for talking about how the Mayor was downplaying the scope of their ransomware attack!” Many of us were infuriated by the mayor’s failure to disclose the breach accurately and for trying to censor Goodwolf from revealing the truth about the breach. But we didn’t go around dumping more than 100 databases from other entities. Why didn’t you just dump the Columbus data immediately and why haven’t you dumped it even a month after saying you intend to leak it?
N: I am not doing this because of Connor Goodwolf. I am doing this because of the Mayor’s decision to silence him. I can see how some might think I am doing it for HIM, but is more about being against Gov trying to silence people about this stuff.
The situation surrounding the Columbus, Ohio data leak raises serious concerns about the accountability of public officials, particularly Mayor Andrew Ginther. The fact that he lied about the data breach and broke state regulations regarding the reporting of such incidents should make one question the effectiveness of Ohio’s laws. The fact that the state is aware of the breach and has chosen not to take action against the mayor should lead one to wonder if Ohio’s laws are mere suggestions rather than enforceable regulations.
As to why I haven’t leaked it yet, the Columbus, Ohio data has certain information that I will not be a party to releasing, which is the only reason I haven’t released it yet. I have no intention of disclosing information about rape victims or the majority of witness-related material. To avoid making a victim of crime a victim for the media, I will first spend my time searching through the many databases!
In a moment of anger, I made a thoughtless comment in a forum post regarding the disclosure of police informants’ identities, which I now recognize as deeply misguided. Frustration can often cloud judgment, leading individuals to make assertions without fully grasping the potential consequences.
Although I harbor significant distrust toward law enforcement and the motivations of many criminal informants, I cannot ignore the ethical implications of disclosing such sensitive information. Despite my personal convictions, I must recognize the broader impact of my words and ensure that I do not contribute to a culture of recklessness that could endanger lives. In doing so, I affirm my commitment to prioritizing the safety and well-being of individuals, even those whose roles I may personally question.
DD: It sounds like there are lines you definitely will not cross. I’m glad to hear that and we will discuss moral and ethical questions a bit more in another part of this interview. But for now, I think there’s one more question I should ask: are you Connor Goodwolf?
N: Hell no.
Never met the guy, do not want to talk to guy, have no interest in him except the fact that the Mayor’s and City actions pissed me off. As I said he was not the only one.
DD: Okay, let’s talk about your methods.
Continue to
Part 2 (Methods) or Part 3 (Ethics and Goals) or
Return to Preface