Share this page!

Enter URL or ID to Unroll

You can paste full URL like: https://x.com/threadreaderapp/status/1644127596119195649
or just the ID like: 1644127596119195649

How to get URL link on X (Twitter) App

  1. On the Twitter thread, click on or icon on the bottom
  2. Click again on or Share Via icon
  3. Click on Copy Link to Tweet
  4. Paste it above and click "Unroll Thread"!
  5. More info at Twitter Help
View Regular
Mikael Thalen Profile picture
Mikael Thalen
@MikaelThalen
Staff writer @dailydot - mikael.thalen@dailydot.com - Signal: @ mikaelthalen.11

Sep 16, 2021, 9 tweets

NEW: The hack of web hosting company Epik has revealed the names behind some of the most notorious far-right sites.

A cybersecurity expert I analyzed the data with said Epik was “fully compromised.”

“Maybe the worst I’ve ever seen in my 20-year career.” dailydot.com/debug/epik-hac…

As first revealed on Monday by @stevanzetti, the hacking collective Anonymous announced that it had hacked Epik, whose customers have included Parler, Gab, and forums such as TheDonald. dailydot.com/debug/epik-hac…

As I noted yesterday, the breach includes the email inbox of an Epik employee that regularly spoke with CEO Robert Monster.

I attempted to speak over the phone with Monster by calling him on the personal cell number listed in his email signature but did not receive a reply.

The massive data trove includes, among other things, the names, addresses, phone numbers, and email addresses of those who registered web domains with Epik.

dailydot.com/debug/epik-hac…

I was able to verify the data by calling numerous people, including the individual who registered the domain patriots.win–home to the massive pro-Trump forum known as TheDonald.

dailydot.com/debug/epik-hac…

A database titled “intrust.sql”–which appears related to Epik’s 2011 purchase of domain name registrar IntrustDomains–even included credit card numbers stored in plaintext (although the cards appear expired).

Even some passwords were stored in plaintext.dailydot.com/debug/epik-hac…

Update: There are also *current* credit card numbers stored in plain text in the data breach.

dailydot.com/debug/epik-hac…

Although the press release from Anonymous claimed no credit card data was present, I can confirm that there are credit card numbers stored in plaintext.

The cybersecurity expert who analyzed the data with me summed up the breach as so: dailydot.com/debug/epik-hac…

Just to point out, even though Epik has a service to anonymize registrar information (so that people can't see who registered a certain domain), there is an entire database that lists the personal information of all the 'anonymized' users. dailydot.com/debug/epik-hac…

Share this Scrolly Tale with your friends.

A Scrolly Tale is a new way to read Twitter threads with a more visually immersive experience.
Discover more beautiful Scrolly Tales like this.

Keep scrolling