Yesterday afternoon, the Have I Been Pwned? platform added the Epik data breach to its database. In doing so, it announced that more than 15 million email addresses were contained in the data, along with other information like addresses and phone numbers:
New breach: Epik had 180GB of data breached last week including 15M unique email addresses (both customers and scraped WHOIS), names, phone nums, physical addresses, purchases and passwords in various formats. 52% were already in @haveibeenpwned. More: https://t.co/ZxJDbStPht
— Have I Been Pwned (@haveibeenpwned) September 19, 2021
There has been a lot to unpack with this data breach, and more details have been shared on various platforms including a long thread at NamePros and quite a few Twitter accounts. You can search Twitter for hashtags like #EpikFail, #EpikHack, or simply search for Epik to see updates from a wide variety of people who seem to have access to the data.
A short while ago, Epik sent out the email below with links to relevant organizations: