Epik data breach affects 15 million users, including non-customers

Epik has now confirmed that an “unauthorized intrusion” did indeed occur on its systems. The announcement follows last week’s incident in which the hacktivist collective Anonymous leaked 180GB of data stolen from online service provider Epik. To mock the company’s initial response to the data breach claims, Anonymous had tampered with Epik’s official knowledge base, Ars reported.

Epik is a domain registrar and web service provider known for serving right-wing clients, some of whom have been shunned by more mainstream IT providers due to the objectionable and sometimes illicit content they host. Epik’s clients have included the Texas GOP, Parler, Gab, and 8chan, among others.

The Epik hack also affects millions of non-customers

It turns out that the leaked data dump contains 15,003,961 email addresses that belong to both Epik customers and non-customers, and not everyone is satisfied with the news. This happened because Epik had extracted WHOIS records for domains, even those that were not owned by the company, and stored them. As a result, the contact information of people who have never transacted with Epik directly was also retained on Epik’s systems.

The data breach monitoring service HaveIBeenPwned has now started sending alerts to millions of email addresses exposed in the Epik hack. The founder of the service, Troy Hunt, is one of the many people affected by the data breach who “had absolutely nothing to do with Epik.”

In a poll last week, Hunt asked whether affected users who were not Epik customers would want to receive breach alerts as well. The majority of respondents answered yes.

“The breach exposed a large volume of data not only from Epik customers, but also removed WHOIS records belonging to individuals and organizations that were not Epik customers,” states HaveIBeenPwned. “The data included more than 15 million unique email addresses (including anonymous versions for domain privacy), names, phone numbers, physical addresses, purchases, and passwords stored in various formats.”

Ars has seen a part of the leaked whois.sql dataset, a file approximately 16GB in size that contains user emails, IP addresses, domains, physical addresses, and phone numbers. We noticed that the WHOIS records for some domains were outdated and contained incorrect information about the domain owners, that is, they listed people who no longer own these assets.

Epik’s WHOIS database, part of the 180GB leak. Credit: Ax Sharma

Before a domain can be registered, domain registrars require users to provide their “WHOIS” contact information, such as email address, physical address, and phone number. This information becomes part of the public WHOIS directory and can be searched by anyone who wants to contact the domain owner. Because it is public data, anyone can view or copy the WHOIS records. Those who prefer not to disclose their personal information directly in a WHOIS directory often rely on a company or a private WHOIS provider to act on their behalf. However, what has users concerned in this case is that the presence of their contact information in Epik’s dataset could falsely portray them as having a connection to Epik when there was none.

“I wonder if there is any legal recourse that I could take against [Epik] for collecting data and keeping it longer than expected in a cache for people who are NOT customers and have not had any business dealings with them? Is there a precedent for this?” asked TapEnvy.US, a Texas-based app development shop.

Epik confirms data breach, emails affected people

Epik has confirmed the breach and is also emailing affected parties about an “unauthorized intrusion,” according to screenshots shared by data scientist Emily Gorcenski and cybersecurity expert Adam Sculthorpe:

Epik begins emailing data breach notices to customers.

“As we work to confirm all related details, we are taking an approach towards utmost caution and urging customers to remain alert to any unusual activity they may observe regarding the information used for our services – this may include payment information, including credit card numbers, registered names, user names, emails and passwords,” the email notice from Epik reads.

Although the company has not confirmed at this time whether credit card information was also compromised, as a precaution, users are advised to “contact the credit card companies you used to transact with Epik and notify them of a possible data compromise to discuss your options with them directly.”

Earlier, an Epik spokesperson had told Ars that the company was not aware of any wrongdoing and was investigating the claims.

Users can check if their data has been exposed as part of this hack at HaveIBeenPwned.com. Those whose contact information was exposed should be on the lookout for phishing emails and online banking scams.

