The latest EPIK data leak, according to Anonymous hackers involves bootable disk images, API tokens, over 500,000 private keys, etc. – All in plain-text format.
Hacktivist group Anonymous has published the second part of data stolen from controversial pro-right-wing web hosting platform Epik. As previously reported by Hackread.com, the previous leak comprised 180GB of the company’s data, and the current one is even bigger.
The leak results from Anonymous’ displeasure over Epik’s preference to associate itself with right-wing websites, which the group regarded as extremists.
About the Hack
Web hosting company Epik was targeted by hacktivist collective Anonymous in two major attacks called- Operation EPIK FAIL and EPIK FAIL the b sides. The company was targeted because it hosted the far-right social media profiles of Donald Trump, Gab, and Parler.
Hackread.com can confirm that the data is now being leaked in parts by hackers. So far, Anonymous has exposed names, passwords, email IDs, physical addresses, and other personal details of over 18 million people.
Over 300 GB of Epik Data Leaked
According to a tweet from Monacelli, who was the first to break the news, Anonymous has leaked more than 300 GB worth of data, which is much larger than their previous leak.
In his next tweet, Monacelli stated that the second data dump comprises Epik’s servers’ fully bootable disk images, including many API tokens and passwords. Part of the new data dump is around 70GB of documents and many bootable disk images of “assorted systems” representing the company’s server infrastructure, Monacelli explained.
Another security expert known as Whiskey Neon posted a video depicting some of Epik VMs in action. However, according to the hackers, the contents include:
- Domain purchases
- Domain transfers
- WHOIS history
- DNS changes
- Email forwards, catch-alls, etc.
- Payment history
- Account credentials
- Over 500,000 private keys
- An employee’s mailbox
- Git repositories
- /home/ and /root/ directories of a core system
- Bootable disk images
Epik CEO’s Response
Soon after the breach was made public, in a four-hour-long Q&A session, Epik’s CEO Rob Monster tried to defend the company. However, his video conference was somewhat unusual as he uttered prayers to defeat demons and stated that the hard drives containing the hacked data were cursed.