Members of the hacktivist collective Anonymous claim to have hacked web registration company Epik, allegedly stealing “a decade’s worth of data,” including reams of information about its clients and their domains.
Epik is controversial, having been known to host a variety of rightwing clients, including ones that other web hosting providers, like GoDaddy, have dropped for various reasons. Its users have included conservative social media networks Parler and Gab, as well as conspiracy-theory-laden YouTube wannabe Bitchute and former President Trump fansite, The Donald. The company recently hosted prolifewhistleblower.com—the website designed to help people snitch on Texas residents who want abortions—but later forcibly removed the tip-collecting platform after determining that it had violated Epik’s terms by nonconsensually collecting third-party information.
Now, however, the apparent hacking of its platform means that all of Epik’s clients may soon have their backend information offered up to public scrutiny.
News of the apparent incident was first reported by Steven Monacelli, an independent journalist from Texas, who tweeted Monday that a “large dataset” belonging to the company appeared to have been stolen. Monacelli’s information comes from a 4Chan “press release” put out by the alleged hackers. In the release, the group claims to have stolen domain purchases and transfers, account credentials for “all Epik customers,” as well as a data dump from an Epik employee’s email inbox, among many other items.
“This dataset is all that’s needed to trace actual ownership and management of the fascist side of the Internet that has eluded researchers, activists, and, well, just about everybody,” the release claims.
When reached for comment, Epik told Gizmodo that they weren’t aware of a hacking incident. “We are not aware of any breach. We take the security of our clients’ data extremely seriously, and we are investigating the allegation,” said a spokesperson, in an email.
Whether Epik is aware of the breach or not, their alleged data is now in the hands of online activists who plan to publish it. The journalist nonprofit group Distributed Denial of Secrets said Tuesday that a source had provided them with the leak and that they plan to curate it for public consumption on their website. DDoS, which has made a habit of releasing data from many of the clients of Epik, affirmed that the data haul includes extensive registration information about users of the company. The DDoS site claims the dump includes “180 gigabytes of user, registration, forwarding and other information behind the ‘privacy’ web hosting and registrar service Epik, known for hosting fascist, white supremacist and other right-wing content as well as harassment and doxing websites.”
Links to the data dump are widely available online but Gizmodo does not recommend the average user going around downloading unvetted hacked materials.
In the past, Epik has acted as a refuge to right-wing groups that have been kicked off of other hosting platforms. Case in point, it took in Parler and Gab, the MAGA-styled Twitter clones that had trouble finding a home after much of the organizing around the January 6th attack on the Capitol building was found to have originated on their virtually unmoderated platforms. However, the company recently made it known that it does draw the line somewhere when it cut ties with the abortion snitch site.
DDoS has previously hosted data that was stolen in confirmed hacking and/or scraping incidents, including ones involving Gab, Parler, and the Metropolitan Police Department in Washington D.C. The group was punished by Twitter last year after the secrets-publisher shared a link to more than 200 gigabytes’ worth of stolen police data, including thousands of confidential emails, FBI bulletins and memos dated as far back as 1996. Twitter suspended the DDoS citing violations of its “hacked materials policy,” which would undergo a radical rewrite only a few months later.
Gizmodo has downloaded copies of the Epik data and will be assessing its content.
Additional reporting by Dell Cameron.
Correction: A previous version of this article mischaracterized DDoS as a “hacktivist” group. While some documents DDoS has made available to the public are acquired by hackers, the group itself is a journalistic nonprofit. We’ve updated the story to more accurately reflect the nature of DDoS and regret the error.