Anonymous hacktivist collective claims has claimed to have hacked the controversial web hosting provided Epik and stolen its data, including information of the clients of the company, as part of an operation codenamed EPIKFAIL.
The hosting provided is known for allowing far-right and neo-Nazi groups to publish extremist content. The hacktivists have stolen 180GB of data of user, registration, forwarding and other information and leaked it on the DDoSecrets non-profit whistleblower site.
According to the hackers, stolen data includes:
Anonymous group pointed out that the above data can allow tracing the “actual ownership and management of the fascist side of the internet.”
“180 gigabytes of user, registration, forwarding and other information behind the “privacy” web hosting and registrar service Epik, known for hosting fascist, white supremacist and other right-wing content as well as harassment and doxing websites” reads the announcement on DDoSecrets.
The leak site includes both torrent and Magnet links.
“Due to its size, it’s incompatible with most torrent clients and many users will have difficulty downloading the data. When we’re able, we’ll release a more accessible version of the data.” continues the announcement.
The list of clients of the hosting provider includes the conservative social media platform Parler, pro-Trump The Donald site, Gab, anti-abortion snitch website, the Texas GOP website, and BitChute video hosting service known for hosting accommodating far-right and conspiracy content.
The news of the data breach was first reported by the independent journalist Steven Monacelli.
An Epik sympathizer doxxed Monacelli after he reported the data breach:
Anonymous announced the hack with a message published on 4Chan, below is the image of the press release published by the HackRead website.
“On September 13, 2021, a group of kids calling themselves ‘Anonymous’, whom we’ve never heard of, said they manage[d] to get a hold of, well, honestly, all our data, and then released it,” reads the Anonymous’ message published on the Epik’s knowledge base. “They claim it included all the user data. All of it. All usernames, passwords, e-mails, support queries, breaching all anonymization service[s] we have. Of course it’s not true. We’re not so stupid we’d allow that to happen.”
(SecurityAffairs – hacking, Anonymous)