🚨🧵 BREAKING: Former DHS Chief Miles Taylor's prank site collected death threats against the President and 4,000+ people's personal data. Then exposed them through all an open API. 🚨
Two days ago, I showed you how Miles Taylor's GTFO ICE site exposed 17,000+ people's data on an open API. That site halted sign-ups and is still "under construction."
But Taylor's organization DEFIANCE[.]org didn't just build one leaky site. They built two. On the same server.
UndoTrump[.]org — launched April 1, 2026 as an "April Fools' joke" — collects names, emails, and political messages from people signing up for fictional "Removal Parties" at government buildings. The White House Ballroom. The Kennedy Center. The DOJ. Battleships.
4,000+ signup records. 3,300+ unique people. Same vulnerability. Same API. Same zero authentication.
And this one has death threats against a sitting President in the database.
The man who was deputy chief of staff for the department that houses the Secret Service couldn't secure a sign-up form. Again.
As always, patience as I pull together the thread. 👇
Here's a video of Miles himself soliciting PII in sign-ups. He implies he's not saving the user data... but he did.
Same server. Same IP address. 34.111.179.208. Google Cloud Platform. Same React 19 frontend. Same Express.js backend. Same registrar. Domains registered 13 days apart.
This wasn't two mistakes. This was one codebase deployed twice. Name.com
Here's the joke. UndoTrump[.]org launched on April Fools' Day 2026. Taylor's own Substack admitted: "These Removal Parties aren't real... YET."
The data collection was real though. 4,000+ signups over 25 days. Names. Emails. Political messages. No security.
Many of the messages did not indicate knowledge that the site was a prank. Many suggested they were government employees - which is one reason we took so long to report on this, we were giving the data through all the channels we knew of.
Taylor signed up for his own site as user #5. "Miles from DC." March 30 — two days before public launch. User #3 is Xander Schultz, his co-founder. The other pre-launch sign ups are test users.
They knew exactly what this site collected. They built it. DEFIANCE.org
The messages people submitted weren't just political commentary. Multiple entries contain explicit death threats against the President of the United States — a federal crime.
It got reported. All of it.
Miles Taylor was DHS Deputy Chief of Staff. That department houses the United States Secret Service — the agency that investigates threats against the President.
He built a site that collected those threats. And apparently never reported them. @EagleEdMartin @HarmeetKDhillon
@EagleEdMartin @HarmeetKDhillon Foreign nationals from 13+ countries signed up — Canada, Germany, UK, France, Brazil, India, Australia, Bhutan, and more. Including a Bhutan .gov email.
For a campaign targeting US federal buildings. On an unregistered "nonprofit's" open API.
This is the same Miles Taylor who put up billboards in solidarity with the Seditious Six. Credit to @iamlisalogan and @SKDoubleDub33 for finding this. They also found a lot more about Defiance[.]org's connections to the larger color revolution network - needless to say, they're deeply involved.
CONCLUSION:
Miles Taylor put out a video walking through the site, shows you exactly how to enter your name and email, and calls it a "viral April Fools' joke to draw in support for an anti-Trump nonprofit."
4,000+ people took the bait. Their data landed in an unsecured database with death threats against the President.
Two sites. One server. Zero security. Federal criminal exposure.
The man who ran homeland security couldn't secure a sign-up form. Twice.
@EagleEdMartin @HarmeetKDhillon @iamlisalogan @SKDoubleDub33 If you appreciated this content, follow @bitchuneedsoap and @astrarce , who have done a spectacular job of breaking data breaches in activist websites.
Share this Scrolly Tale with your friends.
A Scrolly Tale is a new way to read Twitter threads with a more visually immersive experience.
Discover more beautiful Scrolly Tales like this.