On Tuesday, The Washington Post reported on the hack of Epik, a domain hosting website that has become synonymous with far-right groups and causes.
“Online records show those sites have included 8chan, which was dropped by its providers after hosting the manifesto of a gunman who killed 51 Muslims in Christchurch, New Zealand, in 2019; Gab, which was dropped for hosting the antisemitic rants of a gunman who killed 11 people in a Pittsburgh synagogue in 2018; and Parler, which was dropped due to lax moderation related to the Jan. 6 Capitol attack,” reported Drew Harwell, Craig Timberg, and Hannah Allam.
Epik also briefly hosted the neo-Nazi Daily Stormer, and prolifewhistleblower.com, the website set up to facilitate bounty-hunting snitches for the new Texas abortion law.
According to the report, experts are combing through the data of the leak, which came courtesy of the hacker group Anonymous and includes everything from client names to home addresses to the account credential of far-right site administrators.
“Extremism researchers and political opponents have treated the leak as a Rosetta Stone to the far-right, helping them to decode who has been doing what with whom over several years,” said the report. “Initial revelations have spilled out steadily across Twitter since news of the hack broke last week, often under the hashtag #epikfail, but those studying the material say they will need months and perhaps years to dig through all of it.”
One of the revelations provided by the leak, said the report, was that Epik had weak security measures.
“Epik’s security protocols have been the target of ridicule among researchers, who’ve marveled at the site’s apparent failure to take basic security precautions, such as routine encryption that could have protected data about its customers from becoming public,” said the report. “Similar failings by other hacked companies have drawn scrutiny from the Federal Trade Commission, which has probed companies such as dating site Ashley Madison for failing to protect their customers’ private data from hackers. FTC investigations have resulted in settlements imposing financial penalties and more rigorous privacy standards.”
You can read more here.
Image by Kjetil Korslien via Flickr and a CC license