It is confirmed by Epik, an online service provider, that an unauthorized intrusion has indeed transpired into their systems following an incident last week where a hacker called Anonymous has leaked over 180 GB worth of stolen data from them. The threat group has even taunted Epik’s initial response to the attack by altering their official knowledge base.
Epik is a web-hosting firm recognized for offering website services that accommodate right-wing clients, neo-Nazi, and illicit content. Some of their clients include 8chan, Texas GOP, and Parler.
According to reports, the leaked data on Epik consists of over 15 million email addresses that are owned by both customers and non-customers of the company. The problem happened when Epik scraped and stored the domain records of WHOIS, a query and response protocol, even those that are not owned by them. Thus, even those who never had any direct transactions with Epik had their contact information retained within its systems.
A data breach monitoring service has already started to send out notifications and alerts towards the millions of exposed email addresses following the data breach. The service founder said that their organization was one of the millions affected by the breach even though they had no direct transaction with Epik.
Overall, the affected data included more than 15 million names, mobile numbers, unique email addresses, physical addresses, and passwords in various formats.
Coming from information shared by cybersecurity researchers, the firm has confirmed the data breach and emailed all the affected organizations regarding the unauthorized intrusion. They are said to be working with Epik in confirming the scope of all breach-related details. They are taking an approach in urging clients to remain cautious about any suspicious activities that may happen, including any authorized financial activities or usage of their credentials.
Epik has not yet verified if the affected parties’ credit card details are also a part of the compromised information.
Nevertheless, they highly encourage people to contact the credit card companies they use in transacting with Epik and inform them about a possible attack.