Dynadot

alert Epik Had A Major Breach

NameSilo
Watch
Silentptnr

Silentptnr

Domains88.comTop Member
VIP
Impact
47,110
Last edited:
Click to expand...
Reply
33
31 Thanks
2 Like
1 Agree
•••
The views expressed on this page by users and staff are their own, not those of NamePros.
Sort by date Sort by points
Will be interesting to learn more about a potential 2020 hack, and if it was something that should have been disclosed to customers.


Some pretty serious info in the leak is coming to light now :xf.eek:
 
Last edited:
Click to expand...
Reply
9
5 Thanks
4 Agree
0 Like
•••
I wonder how Visa, Mastercard, Amex, and other payment processors feel about this practice?


Panic! in the Discord
@discord__panic

Anyone know who to report Epik to for PCI compliance? They have unencrypted credit card numbers, billing addresses, and CVVs in their databases..

7:21 PM · Sep 17, 2021
 
Last edited:
Click to expand...
Reply
5
5 Thanks
0 Like
•••
Very interesting...

I am also sure the DOJ and FBI will absolutely love information about their investigation and subpoenas being revealed in this data breach.

Brad
 
Last edited:
Click to expand...
Reply
6
6 Thanks
0 Like
•••
Click to expand...
Reply
3
2 Thanks
1 Like
•••
 
Last edited:
Click to expand...
Reply
5
5 Thanks
0 Like
•••
Click to expand...
Reply
3
2 Agree
1 Thanks
0 Like
•••
This extreme incompetence is the last straw for me. I'm quite dependent on Epik because this is the only registrar I know of that has both crypto payouts and domain tasting, but it's pointless if it's going to burn like this. Got many new regs there so I'm stuck for a while.

Currently I'll be initiating Masterbucks withdrawals in small batches. Will let you all know if it's all successful or not.
 
Click to expand...
Reply
7
6 Thanks
1 Like
•••
Click to expand...
Reply
5
4 Thanks
1 Agree
0 Like
•••
bmugford said:
Very interesting...

I am also sure the DOJ and FBI will absolutely love information about their investigation and subpoenas being revealed in this data breach.

Brad
Click to expand...

I searched epik + maga.host (thanks to the now deleted screenshot) and stumbled upon:

https://krebsonsecurity.com/2021/01/hamas-may-be-threat-to-8chan-qanon-online/

I don't quite understand the article or comprehend the below graph. I added highlights to the red dot sections, as Weev, Anonymize, BitMItigate, Maga.Host are all topics that's been brought up in this thread.

upload_2021-9-19_13-37-22.png
 
Last edited:
Click to expand...
Reply
6
6 Thanks
0 Like
•••
Chris Hydrick said:
I don't quite understand the article or comprehend the below graph.
Click to expand...
It seems like a graph of websites hosted on various IP addresses. The article deals with problematic IP ranges and companies. US citizens and businesses are not legally allowed to trade with some designated organisations or individuals.

Regards...jmcc
 
Click to expand...
Reply
9
8 Thanks
1 Agree
0 Like
•••
Seeing all this was having me transfer my domains out of epik today. Only to realise their website no longer loads.
 
Click to expand...
Reply
2
1 Like
1 Thanks
•••
Is there some reason we can’t approve our own transfers?
 
Click to expand...
Reply
2
2 Thanks
0 Like
•••
I think I remember it being said that you have to contact Epik support to approve the transfer-outs now.


Edit: quote added

DN_Hunter said:
I emailed EPIK support, and they replied with the following:

======================================================
For security reasons, domain transfer approval has been disabled.

If you may provide us your Epik Account PIN # as well as the 2 domains, we'll get this done for you.
=====================================================

So I provided the information they requested. Hope they can move the transfers along ASAP.
Click to expand...
 
Last edited:
Click to expand...
Reply
4
4 Thanks
1 Dislike
0 Like
•••
cbd said:
I think I remember it being said that you have to contact Epik support to approve the transfer-outs now.
Click to expand...
Seriously? That's shady.
 
Click to expand...
Reply
2
1 Thanks
1 Agree
0 Like
•••
Click to expand...
Reply
3
2 Thanks
1 Like
1 Disagree
•••
Last edited:
Click to expand...
Reply
1
1 Thanks
0 Like
•••
Click to expand...
Reply
1
1 Thanks
0 Like
•••
Transfer will be approved/finished automatically on 6th day. It is pending at REGISTRY level...
Just start it and forget.
 
Last edited:
Click to expand...
Reply
4
2 Like
2 Thanks
•••
Click to expand...
Reply
3
3 Thanks
0 Like
•••
Jurgen Wolf said:
Transfer will be approved/finished automatically on 6th day. It is pending at REGISTRY level...
Just start it and forget.
Click to expand...

yes I am having a hell of a time transferring 4 names. No approve button, wrong auth codes etc. I can’t even believe they are making it harder for us not easier. I am on a chat with Amy and still no auto approval option available
 
Click to expand...
Reply
4
4 Thanks
0 Like
•••
Great. I just registered 50+ domains in the past two weeks after thinking things were getting better over there. Fnck.
 
Last edited:
Click to expand...
Reply
3
3 Thanks
0 Like
•••
Last edited:
Click to expand...
Reply
12
11 Thanks
1 Agree
0 Like
•••
Lox said:
E: 15,003,961
Check if your email/phone: Haveibeenpwned.com

Regards
Click to expand...

Oh no — pwned!

Epik: In September 2021, the domain registrar and web host Epik suffered a significant data breach, allegedly in retaliation for hosting alt-right websites. The breach exposed a huge volume of data not just of Epik customers, but also scraped WHOIS records belonging to individuals and organisations who were not Epik customers. The data included over 15 million unique email addresses (including anonymised versions for domain privacy), names, phone numbers, physical addresses, purchases and passwords stored in various formats.

Compromised data: Email addresses, Names, Phone numbers, Physical addresses, Purchases
 
Last edited:
Click to expand...
Reply
7
6 Thanks
1 Like
1 Agree
•••
Click to expand...
Reply
13
12 Thanks
1 Agree
0 Like
•••
bmugford said:
Oh no — pwned!

Epik: In September 2021, the domain registrar and web host Epik suffered a significant data breach, allegedly in retaliation for hosting alt-right websites. The breach exposed a huge volume of data not just of Epik customers, but also scraped WHOIS records belonging to individuals and organisations who were not Epik customers. The data included over 15 million unique email addresses (including anonymised versions for domain privacy), names, phone numbers, physical addresses, purchases and passwords stored in various formats.

Compromised data: Email addresses, Names, Phone numbers, Physical addresses, Purchases
Click to expand...

For now, HIBPWNED indexed 15,003,961 ...
 
Click to expand...
Reply
4
3 Thanks
1 Agree
0 Like
•••
Log in or sign up to reply here.

Similar threads

C
  • Poll
poll Is RLE.com #ConfirmedStolen?
12 replies
860 views
create.com
create.com
tonecas
Rob Monster and previous EPIK management took my money
5 replies
716 views
Jv1999
Jv1999
Igor Mironyuk
auction 01.travel, 10 "01" domains had been sold
13 replies
757 views
Igor Mironyuk
Igor Mironyuk
Acroplex
  • Article
information Top Topics: Epik login disabled; GoDaddy appraisal tool changes; XYZ domains demystified; 5% deposit for .AI auction bids; Afternic glitch or greed?
4 comments
3K views
Mr. Deleted
Mr. Deleted
Kojaki
domain ETH.How
5 replies
290 views
Jordon M.
Jordon M.

We're social

Latest news

Escrow.com

New posts

Auction activity

Domain Recover

What non .com extensions have you sold in 2024?

Polls of interest

Popular this week

Community favorite

Popular this month

Blog favorites

  • The sidebar remains visible by scrolling at a speed relative to the page’s height.
Back