Epik’s data breach affects 15 million users, including non-customers



Epik has now confirmed that an “unauthorized intrusion” has indeed occurred in its systems. The announcement follows last week’s incident by hacktivist collective Anonymous that disclosed 180 GB of stolen data to online service provider Epik. To mock the company’s initial response to the data breach allegations, Anonymous modified Epik’s official knowledge base, as reported by Ars.

Epik is a domain registrar and web service provider known for serving right-wing customers, some of whom have been turned down by more traditional IT vendors due to objectionable and sometimes illegal content hosted by customers. Epik’s customers include Texas GOP, Parler, Gab, and 8chan, among others.

Epik hack also impacts millions of non-customers

It turns out that the leaked data dump contains 15,003,961 email addresses belonging to both Epik customers and non-customers, and not everyone is happy with the news. This happened after Epik had retrieved the WHOIS records for domains, even those that did not belong to the company, and stored those records. In doing so, the contact details of those who have never transacted directly with Epik were also kept in Epik’s systems.

The HaveIBeenPwned data breach monitoring service has now started sending alerts to millions of email addresses exposed in the Epik hack. The founder of the service, Troy Hunt, is one of many impacted by the data breach but who “had absolutely nothing to do with Epik. “

In a survey Last week, Hunt asked whether affected users who weren’t Epik customers would prefer to receive breach alerts as well. The majority of users answered yes to the question.

“The breach exposed a huge volume of data not only from Epik’s customers, but also deleted WHOIS records belonging to individuals and organizations that were not Epik customers,” States HaveIBeenPwned. “The data included over 15 million unique email addresses (including anonymized versions for domain privacy), names, phone numbers, physical addresses, purchases, and passwords stored in various formats. “

Ars saw part of the leak whois.sql dataset file, approximately 16 GB in size, with email addresses, IP addresses, domains, physical addresses, and phone numbers of users. We noticed that the WHOIS records for some domains were dated and contained incorrect information about domain owners, people who no longer own those assets.

Epik's WHOIS database, part of the 180 GB leak.
Enlarge / Epik’s WHOIS database, part of the 180 GB leak.

Ax Sharma

Before registering domains, domain registrars require users to provide their “WHOIS” contact information, such as email address, physical address, and telephone number. This information becomes part of the public WHOIS directory and is searchable by anyone to contact the owner of the domain. Being public data, WHOIS records can be seen or deleted by anyone. Those who prefer not to disclose their personal information directly to a WHOIS directory often rely on a company or a private whois provider to act on their behalf. However, what worried users in this case is that the presence of their contact information in Epik’s dataset could falsely present them as having a connection to Epik when there is no connection to Epik. had none.

“I wonder if there is a legal remedy once can take against [Epik] to collect data and keep it longer than expected in a cache for people who are NOT customers and have not had any business relationship with them? Is there a precedent for this? ” demand TapEnvy.US, a Texas-based app development store.

Epik confirms data breach, emails impacted people

Epik has confirmed breach and is also emailing relevant parties about an “unauthorized intrusion,” according to screenshots shared by data scientist Emily Gorcenski and cybersecurity expert Adam sculthorpe:

Epik begins emailing a data breach notice to customers.
Enlarge / Epik begins emailing a data breach notice to customers.

“As we work to confirm all related details, we take a maximum precautionary approach and urge customers to remain alert for any unusual activity they may observe regarding their information used for our services – this may include payment information. , including credit card numbers, registered names, usernames, emails and passwords, ”reads Epik’s email notice.

Although the company has not yet confirmed whether credit card information has also been compromised, as a precaution, users are encouraged to “contact any credit card companies that you have used to make transactions. transactions with Epik and notify them of a possible data breach to discuss your options. with them directly. “

Earlier, an Epik spokesperson told Ars that the company was not aware of any breaches and was investigating the allegations.

Users can check if their data was exposed as part of this hack at HaveIBeenPwned.com. People whose contact details have been leaked should keep an eye out for phishing emails and online banking scams.


Leave A Reply

Your email address will not be published.