The hacker who took years of Whaleoil blogger Cameron Slater's communications has reached out from behind the pages of Dirty Politics and promised further revelations.
The first contact came a week ago, shortly after author Nicky Hager announced he had a new book coming.
It was made through encrypted email and sought a journalist's pledge of source protection.
It wasn't until Sunday night the Herald was able to confirm the person was genuine - they provided details which matched with information gathered from other sources.
And then came the first "dump", as the hacker called it.
Read more:
• Slater's messages with former prostitute revealed
• Hacker dump: Ex-PM staffer in the spotlight
Four years of Slater's email communications with an ex-prostitute were made available for download from the filesharing site Mega.co.nz.
The hacker community is notorious for its mischievous humour - the choice of Mega was practical as the only cloud storage offering user-based encryption but would also drive theories among some that its founder Kim Dotcom was behind the hacking. Dotcom has denied the claim.
Other in-jokes popped up when the hacker set up the @whaledump Twitter account, from which he said he would release further information.
It called itself "a wholly pnwed subsidary of C&M Ltd" - the "pwned" being hacker-speak for using computer skills to dominate an opponent and C&M Ltd being the title of a chapter in Hager's book, Chaos and Mayhem Ltd.
Further hacker-humour could be found in the encryption key - it resolved to Winston Peters' Parliamentary email address.
The hacker dumped information online.
Then the person emailed the only public comment they intend to make, denying political motivation but a desire to "take down this corrupt network".
"My next batch of leaks will prove this."