Dynadot

alert Epik Had A Major Breach

NameSilo
Watch

Silentptnr

Domains88.comTop Member
Impact
47,106
Last edited:
33
•••
The views expressed on this page by users and staff are their own, not those of NamePros.
Probably would have been better without the last paragraph - God, prayer, evil, enemies. That is not usually the type of wording you see about a hack.

All people care about is what happened.

At Epik, we take security and the privacy of your information very seriously. Therefore as a precautionary measure, I am writing to inform you of an alleged security incident involving Epik.

Our internal team, working with external experts, have been working diligently to address the situation. We are taking proactive steps to resolve the issue. We will update you on our progress. In the meantime please let us know if you detect any unusual account activity. I am proud of our team’s efforts as we do our part to empower a thriving internet for the benefit of our customers around the world.

You are in our prayers today. We are grateful for your support and prayer. When situations arise where individuals might not have honorable intentions, I pray for them. I believe that what the enemy intends for evil, God invariably transforms into good.

Blessings to you all.

Regards,

Rob Monster
Founder and CEO
Epik Holdings Inc
dFshwRYbZM
 
Last edited:
18
•••
^^ I haven't received that email yet.
 
4
•••
This thread is exploding. I still have a few pages to catch up on. Here are brief thoughts.



Hackers come in many different colors. Most are determined to steal data and sell it on the dark web. Identity theft, bribes, ransomware, and other scams. This one sounds like it was motivated by Rob's position on free speech, hate speech to be precise. This is well documented on NP, Wikipedia, and many other sites, including journalist articles. I don't know what he was thinking. Maybe a way to differentiate his company.



This is very true. The bigger the company gets the more likely it will become a target. But what is most important is what is the company's response.

my initial response was if they wanted a full beat down .. why didn’t they capture .. lock and ransom … this just my opinion but I feel the attack was an American or Americans
 
Last edited:
0
•••
I'd encourage everyone to do the following:
  • Change your password on Epik
  • If you use the same password across multiple sites, change all of them to be unique (try a password manager program like BitWarden, LastPass, 1Password).
  • Setup 2-factor authentication on Epik
  • Setup 2-factor authentication on the email associated with your Epik account
  • Stop using the Anonymize VPN service until we have more information from Rob/Epik regarding the extent of this alleged hack.
  • Be extra careful opening emails that claim to be from Epik as they may or may not be phishing attempts by bad actors, especially now that Epik customers may become bigger targets. Check the sender, look for misspellings, report suspicious emails or ask Epik livechat to confirm if they're real if you're unsure. Be mindful when clicking on links and double check the domain in the address bar before typing in sensitive info like logins.
  • Make sure your security questions are setup properly and cannot easy be guessed or found out.
  • Make sure your computer has the latest software updates and run a virus/malware scan to make sure your device is safe. (Malwarebytes, Avast, Windows Defender, etc. whatever program you prefer)
I recommend the free 'Google Authenticator' app on iOS/Android for 2FA.
Optional: use a VPN from ProtonVPN (free option), NordVPN, ExpressVPN, PrivateInternetAccess.

While we still don't have the full details regarding the hack, it's not a bad idea to take a proactive approach and start 'locking down' your accounts now. Still waiting on an official response from Epik. As of right now this is still very much an 'alleged' hack but it certainly doesn't look good.

Remember that if one password is compromised, hackers will likely try that same username/email/password across many different sites and services to see how many locks that key can open which is why it's important to use different passwords. Domain hijackers will almost certainly be trying Epik passwords across various different domain registrars.
 
Last edited:
8
•••
Since we're continuing to see political arguments in this thread, let's get one thing straight: Anonymous is a movement that favors chaos. It's a loose collection of people who believe they have transcended morals, religion, and politics, and they do not care what ideological stance they take as long as it makes people angry. They'll say whatever they need to say to justify it as hacktivism.

These are not people for whom ideology is a motive; rather, it's a tool. Their mentality is that the universe is nothing but a game and their purpose is to ruin the fun for everybody. They will take whatever ideological stance opposes their target. And they'll relentlessly harass anyone who gets in the way or points out that the only real goal is chaos.

Controversial targets are easy targets: the victims point fingers while the hackers wallow in the chaos.

Don't fall for it.
 
Last edited:
33
•••
I don't see politics.
Mainly religious fanaticism or discrimination.
Use proper definitions.
 
4
•••
All you need to do is log in and change the profile to your wife and let her deal with it.
This is too much for a man.
Yeah. If you "verified" your Epik account by uploading (real) ID - then you might really want to change your profile to your wife or another trusted person WITH OTHER REGISTRARS. Worst case scenario: hackers know your real name, have your ID and the list of domains you transferred out from Epik to "registrar X". The said "registrar X" may now receive a password reset request from somebody claiming to be yourself, who simply forgot everything (email, login, password) but faxed to them your real ID... and who knows what else (cc details, bank account number if you used masterbucks to withdraw..)
 
Last edited:
3
•••
anybody else getting this when you try epik...
Screenshot 2021-09-15 at 4.20.33 PM.png
 
Last edited:
1
•••
This attack might be coming from inside, or it may be deeper than what most people think.
The call is coming from inside the house...it's your father and he's been drinking :)
 
2
•••
Yeah. If you "verified" your Epik account by uploading (real) ID - then you might really want to change your profile to your wife or another trusted person WITH OTHER REGISTRARS. Worst case scenario: hackers know your real name, have your ID and the list of domains you transferred out from Epik to "registrar X". The said "registrar X" may now receive a password reset request from somebody claiming to be yourself, who simply forgot everything (email, login, password) but faxed to them your real ID... and who knows what else (cc details, bank account number if you used masterbucks to withdraw..)

I have no idea if it will as bad as you claimed.
Anyway, many of us still waiting for someone who had download the torrent to talk about what kinds of sensitive information have been massively leaked.
 
Last edited:
5
•••
Last edited:
1
•••
I have no idea if it will as worse as you claimed.
/me too. But, prevention is better than cure. Epik still has, and, therefore, had account verification link inside - with an opportunity to upload ids etc. in all relevant times.
 
2
•••
No problem here in Australia, site is loading, havn't logged it, no need to at this point.

Cheers
Corey
 
1
•••
Just hit my email.....

At Epik, we take security and the privacy of your information very seriously. Therefore as a precautionary measure, I am writing to inform you of an alleged security incident involving Epik.

Our internal team, working with external experts, have been working diligently to address the situation. We are taking proactive steps to resolve the issue. We will update you on our progress. In the meantime please let us know if you detect any unusual account activity. I am proud of our team’s efforts as we do our part to empower a thriving internet for the benefit of our customers around the world.

You are in our prayers today. We are grateful for your support and prayer. When situations arise where individuals might not have honorable intentions, I pray for them. I believe that what the enemy intends for evil, God invariably transforms into good.

Blessings to you all.

Regards,

Rob Monster
Founder and CEO
Epik Holdings Inc
UsQktrTLQYmhwuM_7GE3DSqFOpBh5cTe_5Lzmi-cj6M1uCx8cng7FA-0DhBsv08V24-SU3Wrwhiaubuv1lFSJ9jfOlctlRpidF5alG70TjW8HRF-Asyki-JOSW4=s0-d-e1-ft
 
1
•••
I am not having this issue, I am able to access the Epik homepage without any problems.
thx, it worked for me. i got through when i googled the name. i got the error when i tried to enter through my bookmarked epik link.
 
1
•••
It seems like a cult with always prayers and god in every post/email
 
3
•••
Epik sent me an email about an alleged security incident they are investigating...
 
2
•••
Probably would have been better without the last paragraph - God, prayer, evil, enemies. That is not usually the type of wording you see about a hack.

All people care about is what happened.

At Epik, we take security and the privacy of your information very seriously. Therefore as a precautionary measure, I am writing to inform you of an alleged security incident involving Epik.

Our internal team, working with external experts, have been working diligently to address the situation. We are taking proactive steps to resolve the issue. We will update you on our progress. In the meantime please let us know if you detect any unusual account activity. I am proud of our team’s efforts as we do our part to empower a thriving internet for the benefit of our customers around the world.

You are in our prayers today. We are grateful for your support and prayer. When situations arise where individuals might not have honorable intentions, I pray for them. I believe that what the enemy intends for evil, God invariably transforms into good.

Blessings to you all.

Regards,

Rob Monster
Founder and CEO
Epik Holdings Inc
dFshwRYbZM

Without the last paragraph I'd be suspicious that this statement really comes from Epik...But now you can be sure it's Rob Monster.
 
Last edited:
8
•••
Today a few times higher activity among domainers than yesterday - and no troubles, no slow response.
Definitely all issues yesterday are linked with mentioned attack. I have no doubts.
 
Last edited:
0
•••
0
•••
Epik sent me an email about an alleged security incident they are investigating...
Just hit my email.....

At Epik, we take security and the privacy of your information very seriously. Therefore as a precautionary measure, I am writing to inform you of an alleged security incident involving Epik.

Our internal team, working with external experts, have been working diligently to address the situation. We are taking proactive steps to resolve the issue. We will update you on our progress. In the meantime please let us know if you detect any unusual account activity. I am proud of our team’s efforts as we do our part to empower a thriving internet for the benefit of our customers around the world.

You are in our prayers today. We are grateful for your support and prayer. When situations arise where individuals might not have honorable intentions, I pray for them. I believe that what the enemy intends for evil, God invariably transforms into good.

Blessings to you all.

Regards,

Rob Monster
Founder and CEO
Epik Holdings Inc
UsQktrTLQYmhwuM_7GE3DSqFOpBh5cTe_5Lzmi-cj6M1uCx8cng7FA-0DhBsv08V24-SU3Wrwhiaubuv1lFSJ9jfOlctlRpidF5alG70TjW8HRF-Asyki-JOSW4=s0-d-e1-ft
 
0
•••
sucks.. still got a bunch of domains there.. been too busy to move them.. now i suffer like the other lazy people.. we're punished by Rob's god... you know gods never help the little people
 
3
•••
From reading Epik's email their approach is more a "precautionary measure" view and seems to be less serious than what others are describing as a data breach..
 
5
•••
i no longer have any names at epik. i would like to close my account but am having a hell of a time finding out how to do it. there is nothing on the site that simply says close/delete account. anyone know how to?
 
4
•••
What incredible timing, I was just about to move my landers to Epik and try them out.

On a side note, there appears to be a torrent file going around with all the information that was obtained in the breach.
 
1
•••
Back