In addition to being a web host, Epik also offers domain names and DNS services to its customers. However, much like with bulletproof hosting companies, it has a reputation for providing web space to a number of clients that would have trouble finding hosting anywhere else due to the nature of their content.
Anonymous originated in 2003 on 4chan and gained notoriety for hacking the Church of Scientology, the Westboro Baptist Church and a number of large corporations including PayPal, Mastercard, Visa and Sony. If you’re familiar with Sam Esmail’s Mr. Robot, the hacking group fsociety in the show was inspired by Anonymous.
In total, Anonymous claims to have obtained over 180GB of data from Epik and this stolen data has now been released online as a torrent. The data set allegedly contains the payment history, account credentials, WHOIS history, domain purchases, DNS changes and more information on the company’s customers.
Operation Epik Fail
Anonymous first began targeting Epik after the Texas Heartbeat Act which places severe restrictions on when a woman can have an abortion was signed into law earlier this month. As part of the new law, any Texas resident can bring a civil lawsuit against anyone who either performs or helps someone else get an abortion after six weeks.
After the Texas Right to Life group’s whistle blower website lost its hosting from GoDaddy, it turned to Epik as its new registrar and for its name servers but not for hosting. While Epik quickly notified the owners of the site that it had violated the company’s terms of service, the move put the web hosting company on Anonymous’ radar.
While TechRadar Pro reached out to Epik for a statement, we haven’t heard back at the time of writing. However, in a statement to Ars Technica, a company spokesperson provided further details on the matter, saying:
“We are not aware of any breach. We take the security of our clients’ data extremely seriously, and we are investigating the allegation.”
To add insult to injury, Anonymous also altered Epik’s knowledge base to mock the company for denying the breach.
We’ll likely find out more once security researchers have finished analyzing and verifying all of the company and customer records contained in Anonymous’ 180GB torrent.
Via Ars Technica