The hacktivist collective Anonymous leaked over 150 gigabytes of private data after hacking the web registration company Epik, a popular domain host for far-right groups.
Popular far-right platforms like Parler, Gab and 8chan, as well as far-right extremist groups like the Proud Boys and QAnon, recently migrated to Epik after being banned from other platforms following the Jan. 6 Capitol riot for violating policies on hate speech and spreading misinformation. Last week, Anonymous dumped what it said was a "decade's worth" of company data in a torrent file, including passwords, internal emails, home addresses, and phone numbers.
"After years of bolstering the worst trash the Internet has to offer, this is, truly, the Epik moment we've all been waiting for," the group said in a statement it published along with the data dump, which was first reported by independent journalist Steven Monacelli.
"This dataset is all that's needed to trace actual ownership and management of the fascist side of the Internet," the statement said. "Time to find out who in your family secretly ran an Ivermectin horse porn fetish site, disinfo publishing outfit, or yet another Qanon hellhole."
Extremism researchers say the leak is akin to a "Rosetta Stone to the far right" and is helping them find new links among the groups.
"It's massive. It may be the biggest domain-style leak I've seen and, as an extremism researcher, it's certainly the most interesting," Megan Squire, a professor at Elon University who studies right-wing extremism, told the Washington Post. "It's an embarrassment of riches — stress on the embarrassment."
Want a daily wrap-up of all the news and commentary Salon has to offer? Subscribe to our morning newsletter, Crash Course.
Epik drew national headlines earlier this month after offering support to Texas Right to Life, an antiabortion group whose website was removed from GoDaddy because it solicited information on women who solicited abortions in violations of Texas' new near-total ban. But Epik ultimately stopped working with the site because it violated their rules against collecting private information. Epik has in recent years become a safe space for far-right platforms that were booted from major web hosts like Amazon Web Services, though it has tried to take steps to shed some of its most toxic clients, cutting ties with the neo-Nazi site Daily Stormer and 8chan.
"The company played such a major role in keeping far-right terrorist cesspools alive," Rita Katz, executive director of SITE Intelligence Group, which studies online extremism, told the Post. "Without Epik, many extremist communities — from QAnon and white nationalists to accelerationist neo-Nazis — would have had far less oxygen to spread harm, whether that be building toward the Jan. 6 Capitol riots or sowing the misinformation and conspiracy theories chipping away at democracy."
Epik founder Robert Monster has drawn growing criticism for hosting extremist content. Monster has denied holding extremist views but following that Christchurch shooting in New Zealand that killed 50 people, he uploaded links to the shooter's video and published his so-called manifesto. Monster insisted that his employees watch the video, which he claimed was faked, according to Bloomberg News.
Monster acknowledged the hack in an email to customers last week, alerting them of an "alleged security incident."
"You are in our prayers today," he wrote, according to the Post. "When situations arise where individuals might not have honorable intentions, I pray for them. I believe that what the enemy intends for evil, God invariably transforms into good. Blessings to you all."
But the company has come under "ridicule" from researchers who have "marveled at the site's apparent failure to take security precautions," according to the report. None of the files were encrypted, researchers say, including data revealing the administrators of far-right websites and passwords. The hack also exposed personal data from Anonymize, a privacy service the company offered to users that wanted to hide their identity. Previous similar hacks have drawn investigations by the Federal Trade Commission and hefty settlements.
"Given Epik's boasts about security, and the scope of its Web hosting, I would think it would be an FTC target, especially if the company was warned but failed to take protective action," David Vladeck, the former director of the FTC's consumer protection bureau, told the Post. "I would add that the FTC wouldn't care about the content — right wing or left wing; the questions would be the possible magnitude and impact of the breach and the representations … the company may have made about security."
Epik initially said it was unaware of the hack but Monster, on a "rambling three-hour live-stream" last week, acknowledged there was a "hijack of data that should not have been hijacked," according to the report.
"If you have a negative intent to use that data, it's not going to work out for you. I'm just telling you," he said. "If the demon tells you to do it, the demon is not your friend."
But extremism researchers have likened the leak to the "Panama Papers of hate groups," Emma Best, co-founder of the nonprofit whistleblower group Distributed Denial of Secrets, told the Post.
"A lot of research begins with naming names," she said. "There's a lot of optimism and feeling of being overwhelmed, and people knowing they're in for the long haul with some of this data."
Shares