Maia arson crimew

Early Life

maia arson crimew was born on August 7, 1999, in the Bruch district of Lucerne, in the German-speaking region of Switzerland. As a teenager she worked in information technology and became the founding developer of Lawnchair, a widely used open-source application launcher for Android. Lawnchair has been maintained by a separate development team since February 2021. She was a member of the Young Socialists Switzerland and stood as a candidate for Lucerne City Council in 2020.

Early Leaks and Hacking Activity

In July 2020, crimew posted source code from dozens of companies to a GitLab repository. On August 6, 2020, she uploaded more than 20 gigabytes of Intel's proprietary data and source code to Mega, material she obtained from another hacker who claimed to have breached Intel around May 2020. In January 2021, she was involved in a source code leak from Nissan, which she said she accessed after learning from an anonymous source about a Bitbucket server configured with default credentials.

In addition to her own leaks, crimew maintained a Telegram channel called "ExConfidential" where she shared information about leaks by others. Following the raid of her home in March 2021, Distributed Denial of Secrets created a torrent of data from the channel. Crimew stated in March 2021 that most of her breaches did not require significant technical skill.

Verkada Hack

On March 8, 2021, crimew and a group of hackers calling themselves "APT - 69420 Arson Cats" gained "super admin" access to the network of Verkada, a cloud-based security camera company, using credentials found on the public internet. The group maintained access for 36 hours, collecting approximately 5 gigabytes of data including live footage and recordings from more than 150,000 cameras located in a Tesla factory, an Alabama jail, a Halifax Health hospital, and residential properties. The group also accessed Verkada's customer list and private financial information, and reached the corporate networks of Cloudflare and Okta through Verkada cameras.

Crimew served as spokesperson for the group and contacted a Bloomberg journalist shortly after the breach, which led Verkada to revoke the hackers' access. Her Twitter account was suspended after she shared screenshots of live camera feeds.

Indictment and Legal Proceedings

In March 2021, a grand jury in the United States District Court for the Western District of Washington indicted crimew on charges related to alleged hacking activity between 2019 and 2021. The twelve-page indictment alleged she hacked dozens of entities, published proprietary information and code from more than 100 entities including government agencies, and sold hacking-related merchandise. She was charged with computer fraud and abuse, wire fraud, and identity theft. The charges were unrelated to the Verkada hack.

Swiss police raided her home and her parents' home at the request of US authorities, seizing her electronic devices. Seven officers searched her home and fifteen searched her parents'. The FBI also seized the website git.rip, through which Verkada camera photos had been shared. As of March 2021, she was represented in Switzerland by lawyer Marcel Bosonnet, and a crowdfunding campaign was launched in April 2021 to fund US legal representation.

Switzerland's Federal Department of Justice and Police confirmed it does not extradite Swiss nationals against their will. Swiss newspaper Le Temps reported that crimew would be tried in Switzerland rather than extradited. Swiss reporting indicated a maximum potential sentence of four and a half years if tried in Switzerland.

No Fly List Discovery

On January 19, 2023, crimew reported discovering 2019 versions of the US government's No Fly List, containing 1.56 million entries, and the Selectee List, containing 250,000 entries, hosted by airline CommuteAir on an unsecured Amazon Web Services server. She noted that the list showed clear demographic patterns, with over 10% of entries containing the name "Muhammad." Her blog post announcing the discovery, which featured a partially obscured photo of the list alongside a Sprigatito plush toy, became an internet meme.

Other Investigations and Writing

Crimew collaborated with journalist Ryan Fae to investigate an account believed to be an alternative Twitter profile of Elon Musk, concluding the account belonged to a person named Adrian Dittmann living in Fiji. The findings were published in a January 2025 article in The Spectator. Following publication, Twitter suspended the accounts of crimew and both journalists, citing its doxing policy. Since August 2024, crimew has written a column for Das Lamm, a German-language investigative journalism magazine, and maintains a blog covering exploits by herself and others.

Personal Life and Beliefs

Crimew lives in Switzerland. She is non-binary and uses it/its and she/her pronouns, with a stated preference for it/its. She identifies as autistic, bisexual, and a lesbian, and legally changed her name to maia arson crimew in 2022, stylized in all lowercase. She has cited curiosity, anti-capitalism, anarchism, and opposition to intellectual property as motivations for her hacking. She is an activist for Boycott, Divestment and Sanctions and has participated in "No Tech for Genocide" protests. On July 8, 2025, she was briefly detained after interrupting the ITU AI for Good event in Geneva.