The Week in Breach: It’s Gonna Be a Bad Week for Some – EPIK Hack by Anonymous





Anonymous Leaks Gigabytes of Data from Host EPIK

About 15 million names, phone numbers, email addresses, and physical addresses held by the platform, Epik, were revealed.

In what will undoubtedly be a much-talked-about, hot-topic breach, Anonymous obtained upwards of 180GB of data from the web host Epik. Epik is known for hosting websites such as Parler, Proud Boys and QAnon.

In an email to customers on Monday, shared on Twitter by the data scientist Emily Gorcenski, Epik said it had confirmed an “unauthorized intrusion” on or around September 13.

Epik’s clients have included the Texas Republican Party, Parler, Gab, 8chan, Infowars, BitChute, the Proud Boys, members of QAnon, the pro-gun forum AR15.com, the pro-Trump site The Donald, and the neo-Nazi blog the Daily Stormer, according to Ars Technica and NPR.

While Anonymous said the hack was aimed at identifying people behind right-wing sites, the personal details of some people who are not Epik clients were also released, the data-privacy monitor Have I Been Pwned said.

Anonymous said on September 13 that it had accessed about 180 gigabytes of archived information, describing it as a “decade’s worth of data from the company.” News of the breach was first reported by the journalist Steven Monacelli.

You can read up on what happened and the fallout so far here and here.

This hack will most likely kick off a political firestorm in the coming months and we are interested to see if it will push the cybersecurity narrative in Washington forward.

Dark Web ID’s Top Threats This Week


 

Austin Cancer Centers

https://www.beckershospitalreview.com/cybersecurity/cyberattack-leads-to-it-outage-at-texas-cancer-clinics-exposing-36-000.html

Exploit: Ransomware

Austin Cancer Centers: Specialty Medical Clinic System


Risk to Business: 1.623 = Severe

 

Austin (Texas) Cancer Centers is notifying 36,503 patients of a data breach that forced it to shut down its IT networks. The cancer treatment network, which has eight locations, discovered that hackers had deployed ransomware onto its systems. Cybersecurity experts determined that the hackers had gained access and remained undetected since late July 2021.


Individual Risk: 1.702 = Severe

 

Exposed information may include Social Security numbers, names, addresses, birthdates, credit card numbers and health-related information. For patients affected, Austin Cancer Centers offers online credit monitoring services and fraud insurance with coverage up to $1,000,000.

Customers Impacted: 36,503

How It Could Affect Your Business: Data from medical centers is always a valuable commodity for cybercriminals because it can provide PII, financial information, and other profitable tidbits.

IntegraMSP to the Rescue: Two in five ransomware victims in 2020 were SMBs. No business is safe from this menace. Help your clients mount a strong defense with the insight gained in Ransomware Exposed.


TTEC

https://krebsonsecurity.com/2021/09/customer-care-giant-ttec-hit-by-ransomware/

Exploit: Ransomware

TTEC: Customer Support Provider


Risk to Business: 2.636 = Moderate

TTEC, a growing customer support provider, has been hit with a suspected Ragnar Locker ransomware attack. The company handles customer support calls on behalf of an array of major companies including Bank of America, Best Buy, Credit Karma, Dish Network, Kaiser Permanente, USAA and Verizon. Around September 12, company data was encrypted and business activities at several facilities were temporarily disrupted. The incident is under investigation.

Customers Impacted: Unknown

How It Could Affect Your Business: Ransomware is always a disaster. Ragnar Locker operators recently threatened additional repercussions to companies that contact law enforcement officials after a successful attack.

IntegraMSP to the Rescue: Gamify cybersecurity and information safety to make it interesting. Our Security Awareness Champion’s Guide helps explain complex risks in a fun way!


Walgreens

https://www.vox.com/recode/22623871/walgreens-covid-test-site-data-vulnerability

Exploit: Misconfiguration

Walgreens: Drugstore Chain


Risk to Business: 1.336 = Extreme

Vox reports that the personal data of patients who had a COVID-19 test at Walgreens was stored incorrectly and exposed to anyone who cared to view it. The data exposure potentially affects millions of people who used Walgreens’ COVID-19 testing services over the course of the pandemic. The exposure came to light after a security expert checked test results for a family member and noticed the issue. The vulnerability has been around since at least March 2021, when the expert discovered it, but likely longer.


Individual Risk: 1.217 = Extreme

Exposed patient data includes each patient’s name, date of birth, gender identity, phone number, address and email. In some cases, test results are also available.

Customers Impacted: Unknown

How It Could Affect Your Business: When a company fails to keep highly sensitive data like this safe, it’s going to give customers and partners pause. It’s also going to cost them a fortune in penalties once regulators get finished with them.

IntegraMSP to the Rescue: See how to transform employees into security assets to become the real secret weapon that successful organizations deploy to fight cybercrime!


Epik

https://arstechnica.com/information-technology/2021/09/anonymous-leaks-gigabytes-of-data-from-epik-web-host-of-gab-and-parler/

Exploit: Hacking

Epik: Webhosting


Risk to Business: 1.227 = Extreme

Legendary hacktivist group Anonymous has struck again, this time claiming to have snatched gigabytes of data from Epik, a domain name, hosting, and DNS service provider for a variety of right-wing sites, including Texas GOP, Gab, Parler and 8chan, as well as extremist groups. The hacktivist collective announced in a press release that the data set, which is over 180GB in size, contains a “decade’s worth of data from the company.” It has been released as a torrent. Members of the whistleblower site Distributed Denial of Secrets (DDoSecrets) have also made the data set available via alternate means. The Ars Technica story on the incident, linked above, is absolutely worth reading and includes the press release as well as other actions by Anonymous in the same vein. The group perpetrated this hack as part of its Operation Jane campaign.


Individual Risk: 1.305 = Extreme

It is unclear to what extent this hack exposed personal information for owners of sites hosted by Epik, or other personal or financial data. However, reports from experts who have viewed the data say it is highly likely that the data of Epik customers and users has been stolen.

UPDATE: More than 15 million email addresses and accompanying personal details from Epik users have been leaked online under the banner of Anonymous. Source: https://www.govinfosecurity.com/web-hoster-epiks-breach-exposes-15-million-email-addresses-a-17572

Customers Impacted: Unknown

How It Could Affect Your Business: Experts who have seen the stolen data contend that Epik was negligent in its storage of PII and passwords, making the hack easier for Anonymous.

IntegraMSP to the Rescue: Building cyber resilience helps insulate organizations from trouble. Learn more about why cyber resilience is the ticket to a safer future for your clients.


Microsoft

https://www.bleepingcomputer.com/news/security/eventbuilder-misconfiguration-exposes-microsoft-event-registrant-data/

Exploit: Misconfiguration

Microsoft: Software Developer


Risk to Business: 2.801 = Moderate

The personal information of hundreds of thousands of users of Microsoft’s EventBuilder has been exposed in a misconfiguration snafu. Researchers who discovered the leak say that the data was exposed through an improperly configured Azure blob and was available for an unknown length of time. The mistake was quickly fixed.


Individual Risk: 2.727 = Moderate

Personal data for event registrants, including names, email addresses and job titles, was exposed in more than one million CSV and JSON files of EventBuilder-driven events hosted through Microsoft Teams.

Customers Impacted: Unknown

How It Could Affect Your Business: Human error is still the biggest cause of data breaches, and this mistake goes to show that it applies to every business – even the big dogs can fumble once in a while.

IntegraMSP to the Rescue: Security awareness training doesn’t just boost phishing resistance. It also teaches employees to be mindful of other security blunders with passwords, compliance, and more.


1 – 1.5 = Extreme Risk

1.51 – 2.49 = Severe Risk

2.5 – 3 = Moderate Risk

Risk scores for The Week in Breach are calculated using a formula that considers a wide range of factors related to the assessed breach.