Financial and credit card information belonging to almost 200 Maine residents has been compromised in the hack of a web services company that’s popular with far-right groups.
The 190 Maine residents are among 110,000 people nationwide whose details were leaked in a breach of information from Epik, according to a data breach notice filed with the Maine Attorney General’s office last week.
The compromised information included financial account numbers or credit and debit card numbers, including security codes, access codes, and other passwords needed to gain access to those accounts and cards.
There were no other identifying details about the Mainers whose data were leaked in the data breach notice filed with the attorney general’s office.
Almost 10 years’ worth of data from Epik customers, including payment information, domain purchases and transfers, email addresses, and account credentials, were captured, according to Anonymous, the decentralized internet hacking collective that claimed responsibility for the Sept. 13 hack.
Epik discovered the breach two days later, on Sept. 15.
“We have retained multiple cybersecurity partners to investigate the incident, secure our services, help affected users, and notify you, law enforcement, and other relevant authorities,” Epik wrote in a letter to customers. “We are continuing to communicate with relevant authorities and other stakeholders as well.”
The company, based outside of Seattle, Washington, said it would offer affected Epik users free credit monitoring until Sept. 15, 2023.
Epik has been criticized for providing services to extremist groups and websites that had been barred from using other web hosting services for hosting racist and anti-Semitic content, such as the Proud Boys and the social media sites Gab, Parler and 8chan.
Amazon Web Services cut off Parler’s web service earlier this year due to its links to Jan. 6 Capitol rioters, and 8chan and Gab have been linked to men responsible for mass shootings in El Paso, New Zealand and Pittsburgh.