2 min read

Epik Data Breach Affects 15 Million Customer and Non-Costumers. Are You a Victim?

Alina BÎZGĂ

September 22, 2021

Ad One product to protect all your devices, without slowing them down.
Free 90-day trial
Epik Data Breach Affects 15 Million Customer and Non-Costumers. Are You a Victim?

On September 13, Epik, a known domain registrar, was allegedly breached by Anonymous hacktivists, who leaked over 150 GB of stolen data online.

The news took the company by surprise. In an initial statement, Epik said it was not aware of any breach. However, on September 18, the hosting company tweeted a security notice.

"On September 15, we confirmed that certain customer account information for our domain-related systems was accessed and downloaded by unauthorized parties," Epik said.

As it turns out, the leaked data also contained over 15 million email addresses from both Epik customers and non-customers.

It appears that the online service provider scraped WHOIS public domain records, storing contact information of individuals who had never been in direct contact with Epik.

According to an ArsTechnica analysis, the leaked WHOIS data file contained 16 GB of non-customer information, including emails, IP addresses, domains, physical addresses and phone numbers.

While anyone with access to a computer could have scraped WHOIS data, the bulk of the information could be exploited by threat actors to target individuals with no affiliation whatsoever to Epik.

Earlier this week, Epik started emailing a security notice urging impacted individuals to watch out for unusual activity on their accounts.

Although no credit card or password information is known to have been compromised, the company advises maximum caution.

"We are taking an approach toward maximum caution and urging customers to remain alert for any unusual activity they may observe regarding their information used for our services – this may include payment information including credit card numbers, registered names, usernames, emails, and passwords," Epik's email notice reads.

The company has not confirmed whether credit card information and passwords were also compromised. However, it encourages customers to "contact any credit card companies that you used to transact with Epik and notify them of a potential data compromise to discuss your options with them directly."

Vigilance, monitoring and security checks

Users and non-users take proactive measures to protect their information and monitor their accounts for suspicious activity.

Epik customers should change their passwords and continue to monitor financial accounts. Since non-customer data was leaked, individuals should keep a close eye on their Inboxes for phishing emails, spam, DMs on social media and texts. It's also a good idea to review any online accounts you might have overshared information with, deleting any additional and non-required data.

For more details on how to protect your data in the aftermath of a data breach, go here.

Are you a data breach victim? Time to find out with Bitdefender's Digital Identity Protection. Take control of your digital identity with ongoing data breach monitoring for up to five email addresses and alerts to help you control and minimize possible side effects. On top of continuous tracking of leaked personal information in legal and illegal collections, you get expert recommendations on how to fix security issues and even alerts on fake online profiles that may have been set up using your info.

tags


Author



Right now

Top posts

Ultimate Privacy Guide for Your Facebook Account

Ultimate Privacy Guide for Your Facebook Account

August 31, 2021

6 min read
7 Signs It’s Time to Use Parental Controls On Your Family’s Devices

7 Signs It’s Time to Use Parental Controls On Your Family’s Devices

August 27, 2021

2 min read
Your Netflix Account May Be on Sale on Darkweb. Protect It

Your Netflix Account May Be on Sale on Darkweb. Protect It

August 13, 2021

3 min read
E-mails claiming your computer was hacked and your privacy exposed - what you need to know (spoiler: you can relax - they’re bluffing)

E-mails claiming your computer was hacked and your privacy exposed - what you need to know (spoiler: you can relax - they’re bluffing)

July 29, 2021

5 min read
Watch Out for These Ongoing Bank of America Phishing Campaigns Targeting Customers in the US

Watch Out for These Ongoing Bank of America Phishing Campaigns Targeting Customers in the US

July 16, 2021

3 min read
How to protect yourself against cyberstalking

How to protect yourself against cyberstalking

July 06, 2021

2 min read

FOLLOW US ON

SOCIAL MEDIA


You might also like

From data breach to data dump: What cybercriminals do with your stolen info From data breach to data dump: What cybercriminals do with your stolen info
Alina BÎZGĂ

October 13, 2021

2 min read
2021 on Track for Record Year in Data Compromise Incidents, the ITRC Says 2021 on Track for Record Year in Data Compromise Incidents, the ITRC Says
Alina BÎZGĂ

October 08, 2021

2 min read
Twitch has been leaked, what does it mean? Twitch has been leaked, what does it mean?
Radu CRAHMALIUC

October 07, 2021

2 min read