US-based web host and domain registrar Epik has confirmed an “unauthorized intrusion” in its systems, a week after members of hacktivist group ‘Anonymous’ claimed that the group had obtained and leaked gigabits of data from the hosting company, including 15 million email addresses.
The firm initially denied reports of the breach by saying, “'we are not aware of any breach. We take the security of our clients' data extremely seriously, and we are investigating the allegation.”
According to data breach monitoring service HaveIBeenPwned, the leaked information, comprising 180 GB of information, includes not just information on Epik's own customers, but also millions of other people and organizations' details, whose information Epik scraped via 'Whois' queries from other domain name registrars.
The group claimed the attack was in retaliation for Epik’s habit of hosting questionable alt-right websites. “This dataset is all that’s needed to trace actual ownership and management of the fascist side of the internet. Time to find out who in your family secretly ran an Ivermectin horse porn fetish site, disinfo publishing outfit or yet another QAnon hellhole,” the group said.
However, Anonymous did not reveal when the attack took place, but timestamps on the most recent files indicated that it likely occurred in late February.
Epik, which was founded in 2009 by current CEO Rob Monster, is known to serve a variety of far-right clients, including Parler, Texas GOP, Gab, and 8chan - all of which are said to have been turned down by mainstream IT providers due to objectionable content.
Epik has started sending emails to impacted customers regarding an 'unauthorized intrusion', according to screenshots shared by cybersecurity expert Adam Sculthorpe and data scientist Emily Gorcenski. “As we work to confirm all related details, we are taking an approach toward maximum caution and urging customers to remain alert for any unusual activity they may observe regarding their information used for our services,'” reads Epik's email notice.
Although the firm did not say in the message if customers' credit card details were exposed, it encouraged users to contact their credit card providers and “notify them of a potential data breach to discuss your options with them directly.”