Anonymous hackers claim customer data theft controversial registrar Epik

A group of hackers calling themselves ‘Official Anonymous’ claims to have stolen personal data from customers of the controversial domain manager Epik. This would include transfers, uncensored Whois history, emails and account information.

The hackers posted a file dump on 4chan that they say contains all domain purchases, domain transfers, Whois history, DNS changes, email forwards, payment history and unencrypted account and login details of all Epik customers.

According to the group, logins were stored in plaintext and the only encryption the group found was unsalted MD5. The group also claims to have found more than 500,000 private keys, a dump of an employee’s mailbox, Git repositories, SSH keys, and /home and /root directories of a core system. This is 180 GB of data.

The hack became like first publicly shared by Steven Monacelli of Protean Magazine, and writer for, among others, The Daily Beast. He says that the contents of the file dump has been confirmed. The file dump has now also been put online by the hackers. How the hackers got the information is not stated in their statement. In a response to Domain Name Wire, Epik CEO Rob Monster denies that information was stolen.

Registrar Epik has been under fire for some time as the domain manager of the social network Gab, which was embraced by extreme right-wing supporters for allowing radical expressions. Epik also hosted or hosted the app Parler, neo-Naziforum the Daily Stormer and 8chan. In addition, Epik hosts a series of sites of extremist and right-wing nationalist American groups, such as the Proud Boys.