Hackers operating under the Anonymous banner have released additional data from Epik, the controversial web hosting company known for providing refuge to the far right.
In a press release entitled “You Lost The Game”, the hacktivist group announced the third part of their so-called “Operation EPIK FAIL” on Monday.
The latest leak is said to contain more bootable disk images from Epik’s servers, as well as a backup, affiliated with the Texas Republican Party, that is said to contain “private documents” and “draft articles that did not make it into the narrative”. The Texas GOP website was defaced by Anonymous in retaliation for the state’s controversial 9/11 ban on abortion.
The Daily Dot is in the process of checking the authenticity of the data after it has been received.
The campaign against Epik was the first accepted on September 13, when Anonymous announced that it had breached the domain registrar and disclosed at least 180 GB of sensitive information. The hackers followed on September 30th with “The / b / Sides”, a more than 300 GB release with bootable disk images from Epik’s servers.
The leaks have continued to lead to widespread consequences for Epik’s customers, which include sites like Parler, Gab, 8chan, and TheDonald. The first version revealed everything from passwords and credit card numbers to customer names, email addresses, physical addresses, and phone numbers.
Epik CEO Rob Monster would finally speak about the violation in an unorthodox video conference open to the public on September 16. During the four-hour meeting, Monster broke out in prayer several times, warned of “cursed” hard drives that would go up in flames, and argued back and forth with a notorious neo-Nazi.
The data cache enabled the Daily Dot not only to discover websites targeted by the FBI and others with subpoenas, but also to track the actions of prominent far-right figures like Ali Alexander, who tried to divert his digital connections to dozens of Defuse domains on election fraud conspiracy theories following the January 6th Capitol Uprising.
A real estate agent in Florida who had registered numerous anti-Semitic domains also lost his job. A man who ran websites related to the Proud Boys in Canada, where the far-right group is listed as a terrorist organization, was investigated by his employer at a state-owned pipeline and energy company.
The Oath Keepers militia, which began epic after the failed uprising, were also leaked on September 27th. Although those responsible did not claim affiliation with Anonymous, the data contained data that the hackers passed on to journalism and the transparency collective DDoSecrets believes that the discovery could have been linked to Epik’s violation.
The Daily Dot was able to find at least 160 official government and military email addresses on a membership list compiled by the militia. Several investigations have been launched into the leak. The New York Police Department (NYPD) announced last week that it had opened an internal review of two officers whose names were found in the violation.
The second release of Epik data resulted in the disclosure of at least 59 API keys that enable secure communication with each other for services like Twitter, Coinbase and PayPal. Monster claimed during his live video conference with the public that someone tried to use his API key for Coinbase to steal $ 100,000.
It remains unclear what the aftermath of the third release will be as journalists and researchers struggle to sift through the vast amounts of information already contained in the two previous leaks.
The news of the latest leak came first reported by Steven Monacelli.
This week’s top tech stories
* First released: October 4, 2021 at 9:41 a.m. CDT
Mikael Thalen is a Seattle-based tech and security reporter covering social media, privacy breaches, hackers, and more.