A ransomware group leaked thousands of internal files from MyPillow on Friday, two days after CEO Mike Lindell denied that a hack had taken place.
As first reported by Straight Arrow on Tuesday, the ransomware gang Play announced on its dark web blog earlier this week that it had stolen data from Lindell’s company. The hackers said they would publish the data on Friday if their ransom demands were not met.
Download the SAN app today to stay up-to-date with Unbiased. Straight Facts™.
Point phone camera here
In a telephone interview with Straight Arrow on Wednesday, Lindell said he had not received a ransom demand and asserted that no data had been taken. Lindell, who is currently seeking the Republican nomination for governor in his home state of Minnesota, said the allegations regarding the hack were politically motivated.
“This is another hit job by outside sources because I’m running for governor,” Lindell said. “I guarantee it. We do not have any breaches in our data at all.”
Internal data published
Although Lindell referred to MyPillow as “the most secure company” in the country, Play published a 9.8-gigabyte cache of internal data from the pillow manufacturer, ranging from before 2011 to 2026, spread out over 11,456 files.
Straight Arrow’s initial analysis of the data found nearly 1,000 invoices sent by vendors to the company. Invoices regarding high-profile businesses and individuals include Trump Media & Technology Group, the company that owns President Donald Trump’s social media platform Truth Social, as well as conspiracy theorist Alex Jones and Lara Trump, who is married to the president’s son Eric.
In December 2023, for example, MyPillow paid Lara Trump $2,156.33 for advertising services. The same month, the leaked documents show, MyPillow wired $4,023.16 to Jones’ Free Speech Systems, then the parent company of his Infowars platform, for running a company promo.
Also that month, MyPillow paid Trump Media $161.97 for advertising.
Bank statements, audit files and wire transfers made as recently as this year are also present, alongside statements for American Express credit cards used by Lindell’s businesses, including FrankSpeech, the video streaming website now known as LindellTV.
A folder titled “Aviation” contains expenses and flight logs related to the use of a private jet from 2018 to 2024. Payroll information containing employees’ first and last names as well as phone numbers are readily available. Tax forms, such as 1099s and W-9s, reveal names, addresses, and Social Security numbers.
Straight Arrow shared several photos of the data with Lindell via text, but he did not immediately respond.
