We’re gonna need an entire thread devoted to this thing.
Now the first shocking revelation?
Epik’s “entire primary database,” which contains hosting account usernames and passwords, SSH keys, and even some credit card numbers—all stored in plaintext.
WTF. Who does that?!
A Linux engineer tasked with conducting an impact assessment on behalf of a client who uses Epik’s services told the Daily Dot that the breach was one of the worst he had ever seen. The engineer did not have permission to speak about the breach by his employer and was granted anonymity by the Daily Dot.
“They are fully compromised end-to-end,” they said. “Maybe the worst I’ve ever seen in my 20-year career.”
Just in case anyone is unfamiliar with it. EPIK is (was) the place Nazi’s, alt-right, and GOP went to get their stuff hosted when kicked off other platforms.
Nope. Hopefully it takes some horrible people down.
a decade’s worth of data from the company” has been obtained, including all domain purchases, domain transfers, and unredacted website registration data that could shed light on individuals and groups behind extremist or hate sites.
“This dataset is all that’s needed to trace actual ownership and management of the fascist side of the Internet that has eluded researchers, activists, and, well, just about everybody,” the hacker boasted in announcing the attack.
If this part is true, those guys were real idiots. This doesn’t make a lot of sense unless they were so cheap they did not hire a single person who knew the slightest thing about security:
You know, if such data was easily accessible to me, well, I’m the kind of guy who will download and run various data transformations on CDC data, census bureau data, who on a whim would download both and cross reference them to find an approximate ratio of GOP to Dem voters being infected and dying of Covid on a whim because I found Neal DeGrasse Tysons simplistic 5x answer unsatisfying and wanted to do a better quantitative analysis for myself.
But I would also see things I would be happier not seeing, such as the depths of depravity and hatred of the far right and, ugh.
Still would I do a search to cross reference all names stored with a list of current GOP politicians in the house and senate? Yeah, maybe.