AUSTIN, Texas — The U.S. Department of Justice unsealed charges on March 28, 2025, against Aubrey Cottle, a 37-year-old Canadian from Oshawa, Ontario, accusing him of illegally accessing and stealing data from the Texas Republican Party in 2021. Cottle was arrested by Canadian authorities on March 26, 2025, and faces prosecution under Canadian law, while a criminal complaint filed in the Western District of Texas outlines the allegations against him. Cottle was also previously famous for hacking and leaking private donor information on people who had contributed to the GiveSendGo initiative meant to help people whose bank accounts were frozen by the Canadian government during the Freedom Convoy protests in Ottawa. The freezing of their accounts left people stranded in the middle of winter and unable to secure lodging or pay bills at home.
According to the charges, Cottle gained unauthorized access to a third-party hosting company’s computer system, where he defaced and downloaded a backup of the Texas Republican Party’s web server. This backup contained personal identifying information, which was later distributed and made available for download online. The Justice Department alleges that Cottle claimed responsibility for the breach on social media platforms. A subsequent search of his electronic devices confirmed he possessed the stolen data, bolstering the case against him.
The charges stem from an investigation led by the FBI Austin Cyber Task Force, with assistance from the Ontario Provincial Police and the Durham Regional Police Service. In the US charges, Cottle faces one count of unlawfully transferring, possessing, or using a means of identification with intent to commit, aid, or abet unlawful activity under federal law. If convicted in the U.S., he could face a maximum penalty of five years in prison. Assistant U.S. Attorney G. Karthik Srinivasan is prosecuting the case, supported by the Justice Department’s Office of International Affairs. Acting U.S. Attorney Margaret Leachman for the Western District of Texas announced the charges, emphasizing the collaborative effort between U.S. and Canadian law enforcement.
On the Canadian side, Cottle is charged with mischief to computer data, unauthorized use of a computer and possession of a device to obtain unauthorized use of a computer. The case is under a publication ban.
The breach, which occurred in 2021, exposed sensitive information tied to the Texas Republican Party, though specific details about the data’s scope and its subsequent use remain undisclosed in the public filing. The case highlights ongoing concerns about cybersecurity and the vulnerability of political organizations to digital attacks, particularly as such incidents can have far-reaching implications for privacy and electoral integrity.
As of March 31, 2025, Cottle remains in custody in Canada, with legal proceedings pending. The investigation continues to underscore the importance of international cooperation in addressing cybercrimes that cross borders.
