Dialog data breach exposes high-profile members amid dispute over cause
Personal details of 113 past participants, including a NATO commander and US senators, were accessible without authentication, raising questions about cybersecurity practices.
Dialog, the exclusive events group co-founded by Peter Thiel, has notified members and past participants that a database containing personal information was breached. Managing Director Juliette Levine stated that forensic investigators identified a "criminal" hacker as the cause, leading to the exposure of 113 past participants' names and details of some attendees registered for an upcoming August retreat in Dublin.
However, analysis by WIRED suggests the exposure resulted from a misconfigured website rather than a criminal break-in. A site set up to distribute a phone app for the August gathering loaded internal files on approximately 200 people into visitors' browsers without requiring a password. The data was made publicly accessible to any visitor who entered an email address on a specific landing page.
The exposed information includes comprehensive details such as private contact information, active login tokens, dates of birth, emergency contacts, cell phone numbers, political leanings, internal rankings, and grading notes. Data was sourced from Fillout forms hosted in Airtable databases. Fillout stated it was not aware of any compromise to its systems, attributing the issue to customer configuration.
A letter from Dialog’s outside counsel, D. Reed Freeman of ArentFox Schiff, demanded WIRED hand over data, characterising the incident as a "cyberattack" by a "known cybercriminal" and confirming law enforcement involvement. Journalist and cybersecurity researcher maia arson crimew discovered the data after receiving tips related to Jeffrey Epstein records and the retreat app.
Cybersecurity experts have described the incident as negligence rather than a malicious intrusion. Nicholas Weaver described the exposure as a web design error, while Aaron Mackey suggested the "criminal" label may be far-fetched. Prominent attendees, including Ezra Klein, Joseph Gordon-Levitt, and Sophia Bush, have publicly commented on their attendance, noting they had not met Peter Thiel or shared his political views.
