Dynadot

alert Epik Had A Major Breach

NameSilo
Watch

Silentptnr

Domains88.comTop Member
Impact
47,106
Last edited:
33
•••
The views expressed on this page by users and staff are their own, not those of NamePros.
The Bible uses the term "whore" many times BUT not referring to poor people working to survive. This is just so disgusting on so many levels I don't even know what to say. It does explain a lot though, he thinks of his employees like whores, his customers like Johns and he is the CEP (Chief Executive Pimp).

"Whore" is a very strong term. Worse than a "prostitute". I wouldn't be surprised if he views those who accept his "bounty" payments as whores.
 
0
•••
"Whore" is a very strong term. Worse than a "prostitute". I wouldn't be surprised if he views those who accept his "bounty" payments as whores.

Yes, it seems by his definition, that anyone who takes money from him/Epik that doesn't also like him and Epik is a whore.

Mind you, this is the same guy that just got handed $32,000,000 for a smoke and mirrors company based on trash code and white labels and that he has now, only because of the hack exposed the truth, confessed to lying about his products and services for the last 10+ years and hiring desperate people to promote Epik and himself on social media sites in some kind of pump scam.

If someone working for money makes them a whore what does that make Rob Monster?

BTW: This is the same tactic used by fraudster Andrew Torba, owner of gab. He hired a Kenyan spammer that managed 10s of thousands of accounts various social platforms to promote gab and Torba. Torba also mass reported all the conservative blue check marks on twitter to try and get them banned so they would join gab. Monster and Torba are the worst of humans. Their filthy, dirty grifts literally ruined people's lives and even got many killed. For people like that it is called marketing.
 

Attachments

  • torba reports cernovich.jpg
    torba reports cernovich.jpg
    235.3 KB · Views: 149
  • torba reports cernovich.png
    torba reports cernovich.png
    152.7 KB · Views: 144
  • kenyan scam1.jpg
    kenyan scam1.jpg
    739.2 KB · Views: 122
  • Kenyans - lying about traffic21.jpg
    Kenyans - lying about traffic21.jpg
    162.7 KB · Views: 174
Last edited:
3
•••
One of the biggest scams among the registrars.


dnf1.jpg
dnf2.jpg
 
3
•••
One of the biggest scams among the registrars.


Show attachment 203808Show attachment 203809

The "forever registration" is nonsense, especially without the registry itself on-board.

With .COM for instance the max you can renew for is (10) years which would currently cost around $90 - $100 at most registrars. The "forever registration" is simply a promise to pay future renewals, with no actual guarantee of that.

The entire concept is basically marketing fluff without the registry itself on-board. Even then, there is no guarantee a company like Verisign will always have the rights to operate the .COM extension. They don't own the extension, they are simply operating it under contract.

Brad
 
Last edited:
2
•••
The entire concept is basically marketing fluff without the registry itself on-board.

I would say it is more than marketing fluff. It is a scam to get money from unaware registrants. Money that they will never recover. You can set your domains to auto-renew and move them around different registrars. But this ridiculous "forever registration" forces you to stay with Epik, hoping that you will not keep the domain near 25 years.
 
5
•••
I would say it is more than marketing fluff. It is a scam to get money from unaware registrants. Money that they will never recover. You can set your domains to auto-renew and move them around different registrars. But this ridiculous "forever registration" forces you to stay with Epik, hoping that you will not keep the domain near 25 years.

Yes. Total scam and at the time he was really pushing hard to sell Epik, at least he told me he was, who knows what is true with a guy like Monster. However, even he kept Epik for a couple more decades:
1) No guarantee Monster won't start dictating usage of that domain.
2) He collects interest on money you prepaid.
3) He keep domains from transferring because Epik is a trash fire.
4) He can inflate revenues on P&L to show potential investors.
 
5
•••
The "forever registration" is nonsense, especially without the registry itself on-board.

With .COM for instance the max you can renew for is (10) years which would currently cost around $90 - $100 at most registrars. The "forever registration" is simply a promise to pay future renewals, with no actual guarantee of that.

The entire concept is basically marketing fluff without the registry itself on-board. Even then, there is no guarantee a company like Verisign will always have the rights to operate the .COM extension. They don't own the extension, they are simply operating it under contract.

Brad

Network Solution

ns20yrdr.png
 
0
•••
I guess it is no surprise that the (2) leaders for worst registrar are offering this nonsense.

https://www.namepros.com/threads/what-is-the-worst-registrar-of-2021.1256284/

Forever registrations are not a thing. "Forever registrations" are like vaporware when it comes to domains.

No one has a partnership with Verisign (aka the .COM registry) when it comes to this. Maybe they have some partnership with some extension that no one cares about.

Also, as I said before even then these are just run under contract. Contracts to run a registry can change. Who knows what is going to happen years or decades in the future?

You are not actually buying anything other than than a promise many years or decades in the future.

It is only good for registrars as they get up front money for nothing other than a promise.

That promise is only as trustworthy as the company making it. You can compare Epik's statements in the past when it comes to security, and their security practices in reality, then decide for yourself how trustworthy they are.

Brad
 
Last edited:
4
•••
Last edited:
2
•••
I got a message today from a very popular credit monitoring service regarding the Epik data breach.

This is going to be news to millions of people now who did not already know this.

Brad
 
Last edited:
2
•••
I got a message today from a very popular credit monitoring service regarding the Epik data breach.

This is going to be news to millions of people now who did not already know this.

Brad

When are you going to share it?
 
0
•••
I got a message today from a very popular credit monitoring service regarding the Epik data breach.

This is going to be news to millions of people now who did not already know this.

Brad

When are you going to share it?

Is it from Credit Karma?

Epik breach​

September 2021
In September 2021, Epik's database was allegedly breached. Even if you don't use your Epik account anymore, it's important to protect any info that was exposed.

(Posted on another forum)
 
Last edited:
4
•••
Is it from Credit Karma?

Epik breach​

September 2021
In September 2021, Epik's database was allegedly breached. Even if you don't use your Epik account anymore, it's important to protect any info that was exposed.

(Posted on another forum)

Nothing found on CreditKarma.com when searching for text "In September 2021, Epik's database was allegedly breached"
 
0
•••
Nothing found on CreditKarma.com when searching for text "In September 2021, Epik's database was allegedly breached"
This could have been sent only via email. I cannot confirm either way because I don't use that service. It would be good if someone else could confirm this who uses Credit Karma or another credit monitoring service. But there are reports of credit card issues around that date:

https://domainnamewire.com/2021/09/20/epik-breach-credit-card-woes-whois-data/
 
Last edited:
1
•••
Nothing found on CreditKarma.com when searching for text "In September 2021, Epik's database was allegedly breached"

Yes, it was emailed out to any of their millions of customers whose data was involved in the breach.

Brad
 
0
•••
Yes, it was emailed out to any of their millions of customers whose data was involved in the breach.

Brad

Was that all 10 customers, Brad? :)
 
1
•••
Was that all 10 customers, Brad? :)
I think Credit Karma has 100M+ customers. It would have gone out to any of those customers who had emails involved in the data breach.

HaveIBeenPwned.com shows -

Compromised accounts: 15,003,961

There is going to be a lot of overlap between the two groups.

Brad
 
2
•••
I think Credit Karma has 100M+ customers. It would have gone out to any of those customers who had emails involved in the data breach.

HaveIBeenPwned.com shows -

Compromised accounts: 15,003,961

There is going to be a lot of overlap between the two groups.

Brad

Yep It truely horrifying. Even Epik are tightening up the security ridiculously. A week ago they were releasing the registration locks on domains on day 60. Day 60 hasn't changed, but of course they are now releasing them on day 62, without any announcement to the world. Plus. For a while now (I'm not sure if this is a new feature) if you want to have the transfer out expedited, you have provide your PIN number. No problem with that. But again in the last week they now want to specify both the PIN AND the EMAIL address in your account, even though all my communications use this address 100% of the time. So they don't mind receiving instruction using my email address, but they want you to quote my PIN (no problem) AND my email address in my email BEFORE they will expedite the transfer. ABSOLUTELY RIDICULOUS.

I only started using EPIK recently, for drop catching. I transfer out in 62 (ahem) days. But they have gone MAD with expecting me to quote my email address in my email, else they won't expedite the transfer.

I've still got about 30 domains in Epik. But they will be gone when this 62nd day arrives. Which was always my plan anyway. Nobody should tolerate insanity on this scale.

Sorry for boiling over. But this is RIDICULOUS.
 
Last edited:
2
•••
Day 60 hasn't changed, but of course they are now releasing them on day 62

If that's the case I predicts a lot of incoming ICANN complaints.
 
0
•••
If that's the case I predicts a lot of incoming ICANN complaints.

They have certainly moved the date from 60 days to approx 2 days more. They haven't explained why. There could be a valid reason. But for the previous month I was transferring them out on the date in their control panel, and I'm not the only one surprised about this. But now we have to wait approx 2 extra days to do it. They are also making it harder to expedite the transfer. I'm sure before, they just accepted a request to to expedite that transfer. Then that needed the pin code. OK. But now they want you to quote the pin code and the account email address, in an email coming from that email address. This is just to expedite a transfer. After the experiment I'm currently conducting, I'm going to probably just transfer the existing domains out, and not use them any more. Stupid twits.
 
Last edited:
3
•••
They have certainly moved the date from 60 days to approx 2 days more. They haven't explained why. There could be a valid reason. But for the previous month I was transferring them out on the date in their control panel, and I'm not the only one surprised about this. But now we have to wait approx 2 extra days to do it. They are also making it harder to expedite the transfer. I'm sure before, they just accepted a request to to expedite that transfer. Then that needed the pin code. OK. But now they want you to quote the pin code and the account email address, in an email coming from that email address. This is just to expedite a transfer. After the experiment I'm currently conducting, I'm going to probably just transfer the existing domains out, and not use them any more. Stupid twits.

Thanks. I can understand given the recent hack they make it a bit harder to transfer out domains. Could be annoying to some but nothing a quick email or support chat wouldn't resolve.

The additional days they've put on locks is ridiculous and serves no purpose. There's ICANN regulation regarding this for a reason.

Thanks for that info.
 
2
•••
Thanks. I can understand given the recent hack they make it a bit harder to transfer out domains. Could be annoying to some but nothing a quick email or support chat wouldn't resolve.

The additional days they've put on locks is ridiculous and serves no purpose. There's ICANN regulation regarding this for a reason.

Thanks for that info.
Indeed. Seems they are worried about a mass exodus. Lets see if they can fix the security hole. They were alerted to it as far back as February.
 
2
•••
Well they've lost me as a customer, even before my experiment with SAV is over. BTW SAV won another domain today. SAV have won 3 out of 4 so far. So the trend is clear. So there are two domains left on my trial @DirkS, which drop in the next drop.

I don't have a problem with them asking for my PIN number, which is designed for this purpose. But I have a big problem asking for my email of my account, written in an email from that same email account which I correspond with them almost daily. That is too much to bear, writing that almost every day. It's not supports fault. They are just follow orders. They've gone from requesting expedited transfer, to requesting my PIN number (which I have no problem with) to requesting my PIN number AND my email address written down in the same email I'm sending to them. Just to expedite a transfer. Which used to take minutes, but now takes days (along with the 2 days they've added to the transfer process). They could just look at the email address and compare that with the email address on file instead of asking me to write the same email address down in the email address I'm writing from. And then just ask me if it doesn't match the email on file. It's probably less work for them.
 
3
•••
Well they've lost me as a customer, even before my experiment with SAV is over. BTW SAV won another domain today. SAV have won 3 out of 4 so far. So the trend is clear. So there are two domains left on my trial @DirkS, which drop in the next drop.

I don't have a problem with them asking for my PIN number, which is designed for this purpose. But I have a big problem asking for my email of my account, written in an email from that same email account which I correspond with them almost daily. That is too much to bear, writing that almost every day. It's not supports fault. They are just follow orders. They've gone from requesting expedited transfer, to requesting my PIN number (which I have no problem with) to requesting my PIN number AND my email address written down in the same email I'm sending to them. Just to expedite a transfer. Which used to take minutes, but now takes days (along with the 2 days they've added to the transfer process). They could just look at the email address and compare that with the email address on file instead of asking me to write the same email address down in the email address I'm writing from. And then just ask me if it doesn't match the email on file. It's probably less work for them.

Imagine if a registrar had a website that was completely open to the world that anyone can see each and every transaction and hijack any account they desired. That's Epik.

They are probably doing everything manually and storing all data - usernames, passwords, pins, credit card details, etc written on spiral notebooks.
 
5
•••
All this BS about making the checks more stringent on transfers away are completely misguided. They should be done at the front end not at the backend. IMHO.
 
5
•••
Back