Members of Goatse Security released information in June 2010 about email addresses on AT&T's website from people who had subscribed to mobile data service using the iPad.

"[10] The group denied allegations of racism and homophobia, explaining that the name was intended to sow disruption on the internet and challenge social norms (claiming it was derived from the 1992 Danish satirical blaxploitation film Gayniggers from Outer Space).

[5][20] One such site, "Last Measure," contained embedded malware that opened up "an endless cascade of pop-up windows displaying pornography or horrific medical pictures.

In July 2004, two GNAA members submitted leaked screenshots of the upcoming operating system Mac OS X v10.4[23] to the popular Macintosh news website MacRumors.

[30] On February 3, 2007, the GNAA successfully managed to convince CNN reporter Paula Zahn that "one in three Americans" believe that the September 11, 2001, terror attacks were carried out by Israeli agents.

[12] On October 30, the GNAA began a trolling campaign in the aftermath of Hurricane Sandy on the US East Coast, spreading fake photographs and tweets of alleged looters in action.

[37] In January 2013, the GNAA collaborated with users on the imageboard 4chan to start a "#cut4bieber" trend on Twitter, encouraging fans of Canadian pop singer Justin Bieber to practice self-harm.

[40] On October 13, 2016, GNAA member Meepsheep vandalized Wikipedia to cause the entries for Bill and Hillary Clinton to be overlapped with pornographic images and a message endorsing Republican presidential candidate Donald Trump.

[41] In August 2017, GNAA was named as having been involved in a feud between employees of the popular dating app Bumble, and tenants of the apartment building in Austin, Texas where the company was, at the time, illegally headquartered.

[42] Joseph Bernstein of BuzzFeed News reported that one of the building's residents contacted GNAA to "fight back" against Bumble after multiple complaints regarding the company's activities were ignored.

[3][45] The data was aggregated from AT&T's own servers by feeding a publicly available script with HTTP requests containing randomly generated ICC-IDs, which would then return the associated email address.