Last Updated on September 20, 2021 by Calvin C.
Epik has finally admitted that their systems were breached after initially denying the existence of a cyberattack. Last week, Anonymous hackers leaked Epik’s database, affecting 15 million users who use the service provider’s services.
The group of hacktivists managed to get 180 GB worth of data and this data is freely available to anyone who wants to view it.
Data that was stolen includes:
- Email addresses, including anonymized versions for domain privacy
- Phone numbers
- Physical addresses
- Domain purchases
- And more information about users
According to Anonymous, “a decade’s worth of data” was leaked online and clients that were affected include Texas GOP, Gab, Parler and 8chan.
The group went on to say all this data is “all that’s needed to trace actual ownership and management of the fascist side of the Internet that has eluded researchers, activists, and, well, just about everybody”
You can check if your credentials were affected using this resource.
Epik is an American company that provides web hosting services and domain names to its users. It is known for providing services to clients whose content is not accepted by other hosting providers.
They accept websites with far-right and extremist content, something which put them on the radar of hacktivists.
Epik’s knowledgebase altered
After Epik initially denied that there was a data breach, Anonymous altered Epik’s knowledgebase to mock the company.
Although the company deleted the page, you can still find the archived page and it reads as follows:
“On September 13, 2021, a group of kids calling themselves “Anonymous”, whom we’ve never heard of, said they manage to get a hold of, well, honestly, all our data, and then released it at https://————–
They claim it included all the user data. All of it. All usernames, passwords, e-mails, support queries, breaching all anonymization service we have. Of course it’s not true. We’re not so stupid we’d allow that to happen.
We’ve not reported this to anyone yet and we probably won’t, since we don’t believe this has happened – it’s as bullshit as covid19 and 5G.
Here at Epik, we host all fascists, pig-f—–s, al-Qaida ———————– (hell, we’re actually members to many of these f———–l fascist organizations we host). We know what we’re capable off and no-one could be foolish enough to think that we’ve been hacked.
We’re not giving up the fight for a true fascist world, just because some punks claims to have hacked us. Don’t believe them. Q said that they’re lying.
(PS We did write this ourselves, this is obviously not part of the hacked account).”
Even non-users were affected
The data breach also affected non-users because the company scrapped WHOIS records belonging to individuals and organizations with zero ties to Epik.
Therefore, any contact information of non-Epic consumers was also kept in Epik’s systems.
Troy Hunt, founder of HaveIBeenPwned, sent a tweet asking affected individuals who don’t use Epik, if they preferred to receive a breach alert.
Hunt was one of the unfortunate victims caught in the crossfire because he doesn’t use Epik’s services.
Epik confirms the data breach
On September 18, Epik admitted in a tweet that their systems were breached.
The affected users also received an email from Epik, alerting them about the cyberattack.
Anonymous vs Epik
It all started when the Texas Hearbeat Act was passed, a law which prohibits abortions in Texas as early as 6 weeks.
According to the law, if an abortion is performed after this cut-off gestational age, a civil lawsuit can be brought against the abortion provider or anyone who assist in the process.
Following the passing of the law, a whistle blower website, Texas Right To Life, was kicked out by GoDaddy and found a new home at Epik.
This move put Epik on Anonymous’ radar and now all its data is in the public domain.
Make sure you check if your credentials are part of the data breach. Share this article with your friends on social media and leave comments below.