alert Epik Had A Major Breach

[Silentptnr]

Just read this. Looks like Epik may have been hacked and sensitive data compromised...

Read here:
https://domainnamewire.com/2021/09/14/hackers-claim-significant-epik-breach/

Thought I would share this.

 

[kam]

Before checking what's include in the torrent file, I think I can summarize what has been leaked. but after get into details, I don't want to say anything now and I will pray for Rob.

 

[mr-x]

IMHO this is the time to support Epik and Rob. Not fly off the handle and post endless negative comments and abandon Epik. The reason that I say that is because Rob has donated more of his time and money to help all domainers than anyone else, as far as I am aware. I have never heard Rob discriminate against or have ill will towards anyone else because they have a different political view or religion than he has, but those same people turn around and condemn Rob just for saying he will pray for them!!! Rob's comments like "Blessings to you all" and "creating abundance for all" show he is the exact opposite of the lies the left are using to smear him and Epik all over the internet. Just please use you own brain to see though the propaganda being used to discredit an honest person who is actively trying to make the world a better place and has the courage to oppose the tyrants who are a serious threat to the liberty of each and every one of us.

I just transferred 2 domains to epik. Will transfer more as registrations come due.

 

[Beezy]

There are two more easily digestible versions of the files available now.

 

[Business Brands]

In my opinion, they are trying to make Forever Registration disappear.

 

[Business Brands]

By they I mean hackers.

 

[Samer]

IMHO this is the time to support Epik and Rob. Not fly off the handle and post endless negative comments and abandon Epik. The reason that I say that is because Rob has donated more of his time and money to help all domainers than anyone else, as far as I am aware. I have never heard Rob discriminate against or have ill will towards anyone else because they have a different political view or religion than he has, but those same people turn around and condemn Rob just for saying he will pray for them!!! Rob's comments like "Blessings to you all" and "creating abundance for all" show he is the exact opposite of the lies the left are using to smear him and Epik all over the internet. Just please use you own brain to see though the propaganda being used to discredit an honest person who is actively trying to make the world a better place and has the courage to oppose the tyrants who are a serious threat to the liberty of each and every one of us.

My man! Enjoy your 19th, 20th post like, agree
Thank you.

Samer

 

[blockhead]

Shocking time for folks to double-down & literally transfer more domains into a freshly-breached registrar, before we even know the details of what happened, the extent of the data that has been leaked, what is being done about it to prevent this from continuing and/or happening again, etc. IMHO it's pretty clear this won't be the last attempt....

Yikes. And here I am regretting having a few domains locked there.

Sign of the times for sure!

 

[mr-x]

Shocking time for folks to double-down & literally transfer more domains into a freshly-breached registrar, before we even know the details of what happened, the extent of the data that has been leaked, what is being done about it to prevent this from continuing and/or happening again, etc. IMHO it's pretty clear this won't be the last attempt....

Yikes. And here I am regretting having a few domains locked there.

Sign of the times for sure!

No reports of anything being missing from Epik. They will get their act together and be more secure than before.

Don't be surprised to find out it was an inside job.

 

[premkumar]

I am worried about my domains and my CC details. People here talking about Epik closing down, I hope Rob you don't let your customers down and as a customer, I want you to keep running Epik. I have lot of domains with EPIK and hope my domains will be safe not just from hacking but also from any potential chance of Epik wind down. Rob keep providing good service and don't let down your customers.

 

[blockhead]

I think that's quite an assumption that they'll be able to prevent something like this (or worse) from happening again. Perhaps they can "plug the hole", but the infiltrators (and/or copycats) will likely be emboldened by success, the media coverage, and the applause they're getting from a lot of folks (just read the comments on Ars, for example).

Let's imagine that perhaps the goal this time was simply to embarrass Epik and destroy a lot of folks' trust in them.
Let's imagine that customer's financial data wasn't leaked this time around, perhaps domains weren't stolen (yet) this time around.
Who's to say the next attack won't have more of a financial objective (such as domain theft, cc theft, identity theft, ransomware)?

(To be clear: I personally don't know the extent of the damage that's been done, or will be done as the data is spread around the net, sold or otherwise makes its way into the hands of various parties, etc)

Will a second attack even be necessary for this to get a lot worse for folks whose sensitive data may now be "out there" already?

Sooo many questions... it's unbelievable to me that people are doubling down before even seeking answers. Do people seriously value their domains/finances so little? Do these folks not realize that there are now going to be a LOT less people willing to set up an account at Epik? I would advise that anyone who's hoping to sell their domains do a simple Google search for "Epik" and see what potential customers will be seeing. It's not very reassuring.

 

[tonyk2000]

Since some posts here are now about registrar security in general, I'd take the liberty to post a link to an old (but still interesting, especially comments) related NP poll.
https://www.namepros.com/threads/which-registrar-do-you-feel-safest-with.1182872/

 

[The Rover]

I think that's quite an assumption that they'll be able to prevent something like this (or worse) from happening again. Perhaps they can "plug the hole", but the infiltrators (and/or copycats) will likely be emboldened by success, the media coverage, and the applause they're getting from a lot of folks (just read the comments on Ars, for example).

Let's imagine that perhaps the goal this time was simply to embarrass Epik and destroy a lot of folks' trust in them.
Let's imagine that customer's financial data wasn't leaked this time around, perhaps domains weren't stolen (yet) this time around.
Who's to say the next attack won't have more of a financial objective (such as domain theft, cc theft, identity theft, ransomware)?

(To be clear: I personally don't know the extent of the damage that's been done, or will be done as the data is spread around the net, sold or otherwise makes its way into the hands of various parties, etc)

Will a second attack even be necessary for this to get a lot worse for folks whose sensitive data may now be "out there" already?

Sooo many questions... it's unbelievable to me that people are doubling down before even seeking answers. Do people seriously value their domains/finances so little? Do these folks not realize that there are now going to be a LOT less people willing to set up an account at Epik? I would advise that anyone who's hoping to sell their domains do a simple Google search for "Epik" and see what potential customers will be seeing. It's not very reassuring.

The reality is that virtually ANY website on the internet can be hacked. Why bother stoking the fires of fear without even knowing the specific details of the breach?

Are we really that "shocked" that one of the most tyrannical, agenda-laden, fascist corporations on the planet (google) isn't hesitating to feature news articles from leftist rags that depict Epik in a bad light the first chance they get? That merely underscores what's at stake here and the motivations for this attack. Many people can see past the absurd headlines attempting to smear Rob. "Far right this" far right that". Truth is, many people are DONE with the baseless labeling and weak, ideological smears.

If people want to transfer their domains over to Epik, they're more than welcome to. Most of these transfers are likely just sending a signal of solidarity, and rightly so. It may come as shock to many here (based on so many clueless comments that I regularly see on here and on other industry blogs) but there are more important things in life than just money and appreciating assets.

There are some things in life that are actually worth fighting and standing up for. I've said it before, and I will say it again: people should be outraged and terrified by the motivations of the hack.

 

[DN Playbook]

Since we're continuing to see political arguments in this thread, let's get one thing straight: Anonymous is a movement that favors chaos. It's a loose collection of people who believe they have transcended morals, religion, and politics, and they do not care what ideological stance they take as long as it makes people angry. They'll say whatever they need to say to justify it as hacktivism.

These are not people for whom ideology is a motive; rather, it's a tool. Their mentality is that the universe is nothing but a game and their purpose is to ruin the fun for everybody. They will take whatever ideological stance opposes their target. And they'll relentlessly harass anyone who gets in the way or points out that the only real goal is chaos.

Controversial targets are easy targets: the victims point fingers while the hackers wallow in the chaos.

Don't fall for it.

I am not disagreeing with you. Anytime anyone is hacked it is a nightmare scenario. I haven't researched Anonymous much. I hear about them, from them, on and off. So what you are saying they are not hacktivists but use hacktivism as an excuse or justification to have some fun?

 

[mr-x]

I think that's quite an assumption that they'll be able to prevent something like this (or worse) from happening again. Perhaps they can "plug the hole", but the infiltrators (and/or copycats) will likely be emboldened by success, the media coverage, and the applause they're getting from a lot of folks (just read the comments on Ars, for example).

Let's imagine that perhaps the goal this time was simply to embarrass Epik and destroy a lot of folks' trust in them.
Let's imagine that customer's financial data wasn't leaked this time around, perhaps domains weren't stolen (yet) this time around.
Who's to say the next attack won't have more of a financial objective (such as domain theft, cc theft, identity theft, ransomware)?

(To be clear: I personally don't know the extent of the damage that's been done, or will be done as the data is spread around the net, sold or otherwise makes its way into the hands of various parties, etc)

Will a second attack even be necessary for this to get a lot worse for folks whose sensitive data may now be "out there" already?

Sooo many questions... it's unbelievable to me that people are doubling down before even seeking answers. Do people seriously value their domains/finances so little? Do these folks not realize that there are now going to be a LOT less people willing to set up an account at Epik? I would advise that anyone who's hoping to sell their domains do a simple Google search for "Epik" and see what potential customers will be seeing. It's not very reassuring.

Will people go to jail?

A lot of questions; we will have to wait for answers.

 

[The Rover]

I am not disagreeing with you. Anytime anyone is hacked it is a nightmare scenario. I haven't researched Anonymous much. I hear about them, from them, on and off. So what you are saying they are not hacktivists but use hacktivism as an excuse or justification to have some fun?

This is a direct attack on a company who's helping others maintain freedom of speech on the internet. Anyone attempting to spin this, downplay it, alluding that it's a "random attack" or trying to make it more complicated than that, is full of shit. Rob is trying to host companies who literally have no other home on the internet thanks to senseless, asinine woke mentality.

 

[DN Playbook]

This is a direct attack on a company who's helping others maintain freedom of speech on the internet. Anyone attempting to spin this, downplay it, alluding that it's a "random attack" or trying to make it more complicated than that, is full of shit. Rob is trying to host companies who literally have no other home on the internet thanks to senseless, asinine woke mentality.

There should be a more public statement than just email. Use social media, blog, etc., to push back and rebuild confidence. All hands on deck.

 

[April004]

Just got email from epik and there they state: "You are in our prayers today. We are grateful for your support and prayer. When situations arise where individuals might not have honorable intentions, I pray for them. I believe that what the enemy intends for evil, God invariably transforms into good."

I'm not against prayers - but I'm against not telling customers that basically no adequate security measures are in place to protect their data and that "security" at Epik actually means "after all your private data got hacked we'll pray for you".

 

[DN Playbook]

BTW, is woke a bad thing? There is a lot of confusion about that word.

 

[Alop]

BTW, is woke a bad thing? There is a lot of confusion about that word.

14 pages of spams without conclusion is pretty “woke”

 

[Paul]

So what you are saying they are not hacktivists but use hacktivism as an excuse or justification to have some fun?

Assuming they are who they say they are, that tends to be the case. That being said, now that I've had a chance to review more of the data, I noticed that some of it--particularly, data that might have resale value on the black market--appears to have been redacted. Notably, many of the passwords appear to have been replaced with placeholders that don't appear long enough to be hashes. I'm not certain this was the hacker's doing, but it's a sign they might have kept some of the data for themselves. If that's the case, I would assume that money is also a motive, if not the primary motive.

This is an entirely preliminary assessment, though, and I haven't gone through enough of the data to draw any definitive inclusions. ~150 GB is an awful lot of data. I suspect other security professionals will finish before I do.

Yes, there is still sensitive information in the breach, including PII. Yes, you should still change your passwords. Although there are signs some data may have been withheld from the public dump, it may still be distributed privately and used for nefarious purposes.

 

[The Rover]

There should be a more public statement than just email. Use social media, blog, etc., to push back and rebuild confidence. All hands on deck.

They're likely utterly inundated and trying to assess everything before releasing further details. They probably don't want to "tip off" what they know and don't know etc..

 

[The Rover]

Just got email from epik and there they state: "You are in our prayers today. We are grateful for your support and prayer. When situations arise where individuals might not have honorable intentions, I pray for them. I believe that what the enemy intends for evil, God invariably transforms into good."

I'm not against prayers - but I'm against not telling customers that basically no adequate security measures are in place to protect their data and that "security" at Epik actually means "after all your private data got hacked we'll pray for you".

Any site can be hacked, even sites with maximum security. Suggesting that Epik had nothing in place to protect their customers is an absurd notion. If you want to be angry, be angry at the motivation behind the attack.

 

[Paul]

Any site can be hacked, even sites with maximum security.

Correct.

Suggesting that Epik had nothing in place to protect their customers is an absurd notion.

Well, there were definite lapses in their security--I would go so far as to say a concerning amount, but the only data I have is the data that an attacker was willing to release.

If you want to be angry, be angry at the motivation behind the attack.

We don't know the motivation, though. Preliminary evidence points to some combination of hacktivism, money, and/or amusement. All we have to go on for the first option is the attacker's word, which I'm not inclined to trust. There are discrepancies in the data that indicate money was a possible factor, and the close affiliation with 4chan means it could've simply been for amusement. None of the evidence favoring any of these options is sufficient to draw a solid conclusion; we'll need to wait until we have more info.

 

[DN Playbook]

@Alop https://slate.com/culture/2021/06/woke-critical-race-theory-definition-history-meaningless.html

 

[Abdullah Abdullah]

I have been unable to login into my account at all It tells me wrong username and password. Can everyone login?