Security News > 2021 > September > Epik Confirms Hack, Gigabytes of Data on Offer
"Time to find out who in your family secretly ran [a] QAnon hellhole," said attackers who affiliated themselves with the hacktivist collective Anonymous, noting that Epik had laughable security.
Epik, the domain registrar known for hosting several large right-wing organizations, has confirmed a hack of its systems, a week after attackers branding themselves with the Anonymous hacktivist collective label said that the group had obtained and leaked gigabits of data from the hosting company, including 15 million email addresses.
HaveIBeenPwned's Troy Hunt said that his information was part of the data dump, despite never transacting with Epik in any way.
"The breach exposed a huge volume of data not just of Epik customers, but also scraped WHOIS records belonging to individuals and organizations who were not Epik customers," according to Epik's listing on HIBP. "The data included over 15 million unique email addresses, names, phone numbers, physical addresses, purchases and passwords stored in various formats."
New breach: Epik had 180GB of data breached last week including 15M unique email addresses, names, phone nums, physical addresses, purchases and passwords in various formats.
The crew claimed that it was able to obtain account credentials for Epik customers and internal systems, more than 500,000 private keys, Git repositories for Epik internal applications and "a dump of an employee's mailbox, just because we could."