Unexpectedly, Anonymous Returns With Yet Another Huge Epik Data Dump

Entities using the name and iconography of Anonymous (EUTNAIOA) claim to have leaked server disk images extracted from Epik, the controversial US outfit that has provided services to far-right orgs such as the Oath Keepers and Gab, provided a home to social-network-for-internet-outcasts Parler, and hosted hate-hole 8chan.
Epik made a virtue of providing such services. In a blog post defending its decision to operate Gab’s domain name after GoDaddy declined to do so, Epik CEO Rob Monster argued it was a free speech issue and said deplatforming companies is both censorship and a violation of inalienable rights.
EUTNAIOA earlier leaked 180GB of data it said it siphoned from Epik servers, plenty of it detailing the activities of far-right groups such as The Proud Boys and the ridiculous QAnon mob. This included personally identifiable information, domain ownership records, account credentials, SSH keys, internal Git repos, payment histories, and more.
That document dump was shared around the internet and was widely assessed as authentic. At least one Epik customer identified in the leaked files – a Florida estate agent – was fired as a result of the leak; it emerged he had tried to register domains such as theholocaustisfake.com via the web biz.
This latest super-dump of stolen Epik data was first reported by the Daily Dot on Wednesday after EUTNAIOA shared the information as a torrent.
Operation Epik Fail
With the release of this latest data dump, Anonymous has now leaked data from Epik three times, and it is still unclear whether the group is done leaking data from the web host.
Operation Epik Fail was first revealed by the group on September 13 when it confirmed that it had breached Epik with the leak of 180GB of sensitive data on its customers.
Anonymous followed up on this first leak on September 30, when it released “The /b/ Sides”, which contained more than 300GB of data including bootable disk images of Epik’s servers.
The Previous Leak
On Sept. 13, Monacelli first posted a release from Anonymous, detailing the attackers’ motivations for hitting Epik, as part of its “#OperationJane” or “Operation Epik Fail” efforts (see: Web Hoster Epik’s Breach Exposes 15 Million Email Addresses).
According to the free breach notification service Have I Been Pwned, which received a set of the exposed data, the leak compromised over 180GB of data.
That’s not all: it also includes 15 million email addresses and corresponding personal details, not just of Epik’s own customers and systems but also of millions of other individuals and organizations whose information was scraped via “Whois” queries from domain name registrars.
Security researcher Corben Leo had, according to news platform TechCrunch, warned Epik about a security vulnerability in January. The undisclosed vulnerability allowed attackers to execute arbitrary code on Epik’s servers, the report says, citing Leo.
Epik’s Remediation Approach
According to the data breach notification Epik sent to its customers in the state of Maine, the company was working with multiple cybersecurity partners to investigate the incident and secure its services.
It also offered affected users free credit monitoring for two years and continued to communicate with “relevant authorities and other stakeholders,” the notification adds.