The Hacktivist Anonymous collective claims to have obtained gigabytes of data from Epik, which provides domain name, hosting and DNS services for a wide variety of customers. These include the Texas GOP, Gab, Parler and 8chan, among other places on the right. The stolen data has been published as a torrent. The hacktivist group claims that the data set, which is more than 180 GB, contains “company data worth a decade”.
Anonymous says the dataset is “all it takes to track the actual ownership and management of the fascist side of the Internet that has eluded researchers, activists and, well, almost everyone.” If this information is correct, the data and identities of Epik customers could now fall into the hands of activists, researchers and almost anyone curious enough to take a look.
Decades of Epik stuff, now in a torrent near you
Epik is a domain registrar and web service provider known for serving the right customers, some of which have been rejected by most common IT providers due to the nasty and sometimes illicit content hosted by customers.
Anonymous’ activities began with what the group calls “Operation Jane” after the Texas Heartbeat Act was signed this month. The restrictive abortion law allows private individuals, not necessarily government agencies or the police, to enforce the six-week abortion ban. By law, any Texas resident can file a civil lawsuit against anyone who performs or helps facilitate an illegal abortion and claim at least $ 10,000 in damages.
The note, shown below, was tacat by journalist Steven Monacelli, who has been there ever since doxxed by an Epik follower.
Among the dataset are several SQL databases that contain what appear to be client records associated with all domain names hosted by Epik. Ars analyzed a small subset of the filtered dataset, including what a source calls an Epik employee’s mailbox, which contains correspondence from the Epik CEO Rob Monster.
Members of another hacktivist group, Distributed Denial of Secrets, have also compiled the dataset available by alternative means for those who cannot use torrents.
“We are not aware of any breaches. We take the security of our customers’ data very seriously and are investigating the allegation,” an Epik representative told Ars.
Hackers alter Epik’s knowledge base to circumvent the company’s response
Anonymous also manipulated Epik’s knowledge base to mock the company’s denial of the breach.
On September 13, 2021, a group of children pretending to be ‘Anonymous’, of whom we have never heard of, said they run it[d] to get, well, honestly, all our data and then we released it, “said the modified knowledge base, as seen in an archived copy.” They claim that it included all the user data. All. All usernames, passwords, emails, support queries, breaching all anonymization services[s] we have. Of course, this is not true. We are not so stupid that we would allow this to happen. “
The knowledge base page ends up sarcastically saying, “We wrote it ourselves, obviously that’s not part of the hacked account.” Epik has deleted the page since then.
Prior to this incident, Anonymous deleted the Texas GOP website by replacing references to “Help Texas Stay Red” with “Texas: Taking Women’s Voices to Promote Theocratic Erosion of Church Barriers / states “. The group also added “give” links to Planned Parenthood nonprofit reproductive health care.
