The breach also undercuts Epik’s pledge to customers that it can safeguard their anonymity, no matter what dangerous conspiracy theories they spread online. For that reason, experts told CNN the hack could have repercussions for how far-right groups organize and try to protect themselves online.
“A breach like this will force some of these actors to find security providers outside of North America, in Europe, to possibly step up their security game,” Gabriella Coleman, a professor of anthropology at Harvard University, told CNN. Coleman said the data dump “confirmed a lot of the details of the far-right ecosystem.”
Emma Best, co-founder of Distributed Denial of Secrets, a non-profit that itself has published hacktivist data, said researchers could be poring over the Epik leaks for months for clues into how different people and far-right organizations are linked.
In a statement to CNN on Tuesday night, Epik said the information that Anonymous released included data on 15 million people that was already public.
“Epik has been a trusted resource for many years and our highest priority will always be security and privacy,” the firm said.
Troy Hunt, an Australian cybersecurity consultant, said numerous people who are not Epik customers also had their data compromised in the hack. That’s because Epik has apparently been collecting third-party data that is publicly available on the internet, according to Hunt.
Hunt, who runs a service that informs people if their email addresses have been exposed in data breaches, told CNN that about 100,000 of his subscribers had been affected by the Epik hack.
“It’s a very salacious, messy situation,” Hunt said. “Amongst all this, there’s a whole bunch of people” who still haven’t been notified that their information was compromised, he added.
This story has been updated with a statement from Epik.