Epik hoster hack affected 15 million users, not just the company’s clients

Hoster Epik hack

Last week, Anonymous hacktivists reported that they had hacked the database of the domain registrar and hoster Epik, which had previously often been criticized for hosting “right-wing” sites including 8chan, Gab, Parler and The Donald.

The stolen data (over 180 GB) was published in torrent format and, according to the hackers, contains information for the last decade.

Since the company denied that it had been hacked, the hackers mocked Epik and additionally hacked the hoster’s knowledge base, adding their own mocking edits to it.

In total, the dump published by the hackers contained 15,003,961 email addresses that belong to both Epik customers and people who had no business with the company, ArsTechnica now reports.

Reporters explain that Epik scraped the WHOIS records of domains, including those that were not owned by the company, and kept those records for itself. As a result, the contact information of people who had never interacted directly with Epik was also kept by the company.

The data breach aggregator HaveIBeenPwned has already begun sending out warnings to millions of victims whose email addresses have been compromised. One of the victims was the founder of this service, Troy Hunt, although he never had anything to do with Epik.

In a Twitter poll, Hunt asked his followers if affected non-Epik customers would like to be notified of the breach. The majority answered the question in the affirmative.

“The leak revealed a huge amount of data not only about Epik customers, but also WHOIS records belonging to individuals and organizations that were not customers of the company. This data includes over 15 million unique email addresses (including anonymous ones to ensure domain privacy), names, phone numbers, physical addresses and passwords stored in a variety of formats,” writes HaveIBeenPwned.

ArsTechnica reporters note that they saw part of the whois.sql file, which is approximately 16 GB in size. It is filled with email addresses, IP addresses, domains, physical addresses, and phone numbers of users. However, some WHOIS records are clearly out of date and contain incorrect information about domain owners (the listed people no longer own these assets).

According to information security specialists Emily Gorcenski and Adam Sculthorpe, Epik representatives have finally admitted the hack and are now notifying their clients about “unauthorized intrusion” into their systems.

The company urges customers to remain vigilant and monitor any information they used with the company’s services (including billing information, credit card numbers, names, usernames, email addresses and passwords).

Although the company does not yet know for sure whether customers’ bank card data has been compromised, users are advised to “contact the companies that issued the bank cards used for transactions with Epik and notify them of potential data compromise” as a precautionary measure.

By Vladimir Krasnogolovy

Vladimir is a technical specialist who loves giving qualified advice and tips on GridinSoft's products. He's available 24/7 to assist you with any question regarding internet security.
