IT.COM

alert Epik Had A Major Breach

Spaceship Spaceship
Watch

Silentptnr

Domains88.comTop Member
Impact
47,106
Last edited:
33
•••
The views expressed on this page by users and staff are their own, not those of NamePros.
This.

Anyone yelling at Epik because of "123" password ever tried to investigate if that was actual internal account?

We are way too often believe "breaking news" we read on the web without verifying accuracy.

I'm sure researchers will assess the real vulnerabilities and hype in time.

Regardless, you were apparently looking at the account's info in plain text.

I had to turn on 2 factor auth several places this morning, as researchers in articles have used terms like "completely compromised".
 
3
•••
What I am sure of, is that, Epik is coming out from this big and better.
What the enemies meant for evil is turning into greatness for Rob and Epik in general.
People can be so wicked. The business he has been building all through his life can't just go down the drain. God never forsake his own people. God said "When you walk through the fire, you will not be burned; the flames will not set you ablaze.
 
3
•••
Last edited:
9
•••
Apparently, you're waiting for the slightest report of domain theft so you can have more reasons to bash Rob.
I'm waiting only for my next sale, or for enough budget in other words (to transfer out all my domains).
Rob's and his bank's destiny don't matter for me.
 
Last edited:
2
•••
If @robmonster would agree to an open independent audit of this I think that would be the only path to reputation repair.

#AuditEpik

#FullTransparency

I agree. It is kind of hard to trust a company that was not aware of the hack to do their own audit on what actually happened. I doubt they even know themselves at this point.

From what we know so far, there appears to have been security issues with how Epik stored and secured data. I am not an expert in the field, but listening to experts in the field it is clear the way Epik stored this data was unacceptable; using plain text, storing CC info, etc.

It makes sense to bring in actual qualified experts from the outside to analyze it. Maybe the same experts that warned about this ahead of time?

Brad
 
Last edited:
8
•••
Thanks for tagging me on this thread.

Hi Molly --- thanks for stopping by. Very happy to hear from you!

Le Monde may have conflated Pollock's resignation with that of Joseph Peterson.

Le Monde had cited an archived tweet from Braden. Archived, because that tweet was deleted by @Braden Pollock as that tweet thread was getting nasty. That tweet thread, and threats of leaking secrets is what prompted the below (still live) tweet by the DomainKing @Rick Schwartz


Allegedly when @Rob Monster refused to adhere to @Braden Pollock request to fire @DanSanchez for Dan's dropped phone outburst in the zoom social, Braden drew the line, and released his now deleted resignation tweet.

...

I can't find the footage of the dropped phone during the moment of silence, but below is the DNAcademy social recording from the following week, where epik senior VP of Qommuniations gives a statement on the incident, instead of going on his promised tirade of releasing alleged secret information on the domain industry and its participants.


Shout out to minute mark: 103:40 to the end of video where Epik senior VP of Qommunications and strateQy (Robert Davis @Intelliname) had some pretty choice words to say about me yours truly.
 
Last edited:
8
•••
I'm waiting only for my next sale, or for enough budget in other words (to transfer-out all my domains).
Rob's and his bank's destiny don't matter for me.

With the way you go about your tirades against Epik, one wouldn't believe you'd have anything to do with them let alone having multiple domains with them. I wish you quick sales so you can transfer your domains to a registrar you feel secured and more comfortable with.
 
2
•••
Everyone gets what he deserves.
No less, no more.
 
Last edited:
1
•••
Hi Molly --- thanks for stopping by. Very happy to hear from you!



Le Monde had cited an archived tweet from Braden. Archived, because that tweet was deleted by @Braden Pollock as that tweet thread was getting nasty. That tweet thread, and threats of leaking secrets is what prompted the below (still live) tweet by the DomainKing @Rick Schwartz



Allegedly when @Rob Monster refused to adhere to @Braden Pollock request to fire @DanSanchez for Dan's dropped phone outburst in the zoom social, Braden drew line, and released his now deleted resignation tweet.

...

I saw the archived tweet ("Since @ robmonster and I don't share the same ideology it's time he and I part company. I don't agree with the direction of @ EpikDotCom so I've decided to resign my Board seat, effective immediately.") but nothing connecting the resignation to any Christchurch video showings, hence my confusion on if and how the two incidents were connected. Was it later in the now-deleted thread or was the thread about something else?

I can't find the footage of the dropped phone during the moment of silence, but below is the DNAcademy social recording from the following week, where epik senior VP of Qommuniations gives a statement on the incident, instead of going on his promised tirade of releasing alleged secret information on the domain industry and its participants.


Shout out to minute mark: 103:40 where Epik senior VP of Qommunications and strateQy (Robert Davis @Intelliname) had some pretty choice words to say about me yours truly.

Does Davis still work for Epik? He's been awfully quiet this past week, if so.
 
Last edited:
10
•••
I saw the archived tweet ("Since @robmonster and I don't share the same ideology it's time he and I part company. I don't agree with the direction of @EpikDotCom so I've decided to resign my Board seat, effective immediately.") but nothing connecting the resignation to any Christchurch video showings

They are not connected. If they are, it's not a direct connection that aligns with the timeline of events.

@Braden Pollock resignation tweet came very shortly after robs refussal to fire the employee who dropped his phone and shouted curse words during a moment of silent for George Floyd at I think the beginning of DomainName Social #13.

After social #13, Braden released his resignation tweet.

The tweet thread starts to get nasty, and is then deleted.

Social #14 as pasted above occurs, and everybody apparently kissed and made up, and therefor no need for Braden to resign. I'm still not sure if Braden ever resigned or not... given the immediate after events of his deleted resignation tweet

...

Braden didn't seem to have a problem with Christchurch. Or if he did, that doesn't appear to be the breaking point that spurred his resignation tweet. He continued on with epik throughout, until the dropped phone outburst in social #13. And now, again, I'm still unsure if he's with the company or not.

...

Or so was/is my understanding. Anybody with direct or better knowledge of the situation, please correct me.
 
Last edited:
2
•••
The DOJ and FBI are going to have a field day with this treasure trove of leaked data.

After the Capitol riot, ‘Stop the Steal’ organizer Ali Alexander was scrambling to hide his digital footprint

https://www.dailydot.com/debug/ali-alexander-epik-hack-web-domains-capitol-riot/

Querying the Anonymize email address in the breach uncovers every domain that it appears the far-right figure apparently attempted to hide. Had the hack of Epik not been so expansive, some of the domains may have been difficult if not impossible to link to Alexander based just on the Anonymize email address alone.

Doesn't it kind of defeat the purpose of a VPN when all this data is archived and easily trackable back to a party?

Brad
 
Last edited:
5
•••
16
•••
10
•••
3
•••
1
•••
Apparently, you're waiting for the slightest report of domain theft so you can have more reasons to bash Rob. Just let it go already, it's getting stale.

2 y ago Network Solutions had a data breach,... after a very heartbreaking PR domains gets stolen anyway. This time more than ever. How many NS based domains reported stolen in 2019-2021 + were not reported but suspicious whois / ns / mx behavior > indicates there's something going on under the surface. Let me guess ... nah that's not okay, but that s* happens anyway ...

Regards
 
5
•••
I see some members mention that there has not been any domain theft. But I don't think domain theft has been the reason for this hack. According to the publications on Twitter, all kinds of personal data of Epik customers are now being published on a large scale.
 
Last edited:
11
•••
I see some members mention that there has not been any domain theft. But I don't think domain theft has been the reason for this hack. According to the publications on Twitter, all kinds of personal data of Epik customers is now being published on a large scale.

Yes, that is just a deflection from the real issue. It is basically a non-sequitur.

The actual issue is the personal data, not domain theft. Domain theft would only make things that much worse.

It's like Verizon leaking all your information then saying, but you still have your phone. It is kind of irrelevant to the underlying issue which is the massive data breach itself, and what appears to be straight up incompetence from the guardians of that data.

Brad
 
Last edited:
6
•••
Le Monde may have conflated Pollock's resignation with that of Joseph Peterson. I don't read French and am relying on machine translation; it could also be that they mean that Pollock resigned chronologically after that incident, rather than as a result of it. Or perhaps they've spoken to Pollock and he named the incident as a factor in his resignation. Anyway: according to Bloomberg in April, "But Monster had also been radicalized during the Trump years, subjecting his staff to florid conspiracy theories in staff meetings and spending more and more of his energy on politically charged work at Epik.... Peterson says he quit the company soon after Monster began a staff meeting by telling attendees to watch a video of the 2019 mosque shootings in Christchurch, New Zealand. He says the CEO claimed the video would convince his employees that the massacre had been faked."

You were right. Le Monde issued a correction:

Mise à jour le 20/09 : la version initiale de cet article attribuait à la projection des images de Christchurch la démission d’un membre du conseil d’administration d’Epik. Une démission a bien eu lieu, mais concernait le directeur des opérations de l’entreprise. L’article a été corrigé en ce sens.

Update 9/20: The original version of this article attributed the screening of the Christchurch footage to the resignation of an Epik board member. A resignation did take place, but concerned the director of operations of the company. The article has been corrected accordingly.

(I may or may not have tiped the author about this thread)
 
10
•••
Update and Options for Affected Epik Users

Hello,

We previously notified that on September 15, Epik confirmed a data intrusion involving its customers’ personal information. Though our forensic investigation is still ongoing, we can now confirm additional details of this intrusion.

What happened:
While we continue to investigate, we believe that on or before September 13, 2021, unauthorized third parties accessed a backup copy of Epik’s domain-side service accounts through one or more non-public servers.

What personal information may have been obtained:
Name, address, email address, username, password, phone and VAT number (if given), transaction history, domain ownership, and for a small subset of users, credit card information.

What we are doing:
As previously stated, we have retained multiple cybersecurity partners to investigate the incident, secure our services, help affected users, and notify you, law enforcement, and other relevant authorities. We are continuing to communicate with relevant authorities and other stakeholders as well.

At this time, we have secured access to our domain-side services and have applied additional security measures to help protect services and users going forward.

In addition, we will offer free credit monitoring until September 15, 2023, for all affected Epik users; more details on this free service will be made available soon.

Additional options for users:
1. Change your Epik password and enable two-factor authentication by visiting: https://www.epik.com/support/knowle...ssword-epik-user-password-when-user-forgot-it

2. Call Epik Toll-Free at 800-510-3282 for further information and assistance.

3. The Federal Trade Commission (FTC) recommends that you place a free fraud alert on your credit file. A fraud alert tells creditors to contact you before they open any new accounts or change your existing accounts. This can be done by contacting any one of the three major credit bureaus:

Equifax: equifax.com/personal/credit-report-services or 1-800-685-1111
Experian: experian.com/help or 1-888-397-3742
TransUnion: transunion.com/credit-help or 1-888-909-8872

4. Request a free credit report from each credit bureau after placing a fraud alert on your file. Review these credit reports for any accounts and inquiries you do not recognize, as they may be signs of identity theft. If your personal information has been misused, visit the FTC’s site at IdentityTheft.gov to report the identity theft and obtain recovery steps. Even if you do not find any suspicious activity on your initial credit reports, the FTC recommends that you check your credit reports periodically so you can spot problems and address them quickly.

5. You may also want to consider placing a free credit freeze on your file. A credit freeze prevents potential creditors from obtaining your credit report, making it less likely for an identity thief to open new accounts in your name. To place a freeze, contact each of the major credit bureaus using the links or phone numbers above. A freeze will remain in place until you ask the credit bureau to temporarily lift or remove it.

6. Visit IdentityTheft.gov/databreach, for additional resources and help to protect yourself from identity theft or call 1-877-438-4338.

7. Learn more about your rights under the Fair Credit Reporting Act here.

8. Contact your local Attorney General or local law enforcement to report suspected identity theft by filing or obtaining a police report.

Thank you for your continued support. We will continue to keep you updated.
 
13
•••
What personal information may have been obtained:
Name, address, email address, username, password, phone and VAT number (if given), transaction history, domain ownership, and for a small subset of users, credit card information.

It probably would have been easier to just list what data was not obtained. It would be a shorter list.

Brad
 
Last edited:
8
•••
not sure why non customers are so concerned about the Registrar, owner & customers.

Cheers
Corey
 
4
•••
3
•••
Update and Options for Affected Epik Users

Hello,

We previously notified that on September 15, Epik confirmed a data intrusion involving its customers’ personal information. Though our forensic investigation is still ongoing, we can now confirm additional details of this intrusion.

What happened:
While we continue to investigate, we believe that on or before September 13, 2021, unauthorized third parties accessed a backup copy of Epik’s domain-side service accounts through one or more non-public servers.

What personal information may have been obtained:
Name, address, email address, username, password, phone and VAT number (if given), transaction history, domain ownership, and for a small subset of users, credit card information.

What we are doing:
As previously stated, we have retained multiple cybersecurity partners to investigate the incident, secure our services, help affected users, and notify you, law enforcement, and other relevant authorities. We are continuing to communicate with relevant authorities and other stakeholders as well.

At this time, we have secured access to our domain-side services and have applied additional security measures to help protect services and users going forward.

In addition, we will offer free credit monitoring until September 15, 2023, for all affected Epik users; more details on this free service will be made available soon.

Additional options for users:
1. Change your Epik password and enable two-factor authentication by visiting: https://www.epik.com/support/knowle...ssword-epik-user-password-when-user-forgot-it

2. Call Epik Toll-Free at 800-510-3282 for further information and assistance.

3. The Federal Trade Commission (FTC) recommends that you place a free fraud alert on your credit file. A fraud alert tells creditors to contact you before they open any new accounts or change your existing accounts. This can be done by contacting any one of the three major credit bureaus:

Equifax: equifax.com/personal/credit-report-services or 1-800-685-1111
Experian: experian.com/help or 1-888-397-3742
TransUnion: transunion.com/credit-help or 1-888-909-8872

4. Request a free credit report from each credit bureau after placing a fraud alert on your file. Review these credit reports for any accounts and inquiries you do not recognize, as they may be signs of identity theft. If your personal information has been misused, visit the FTC’s site at IdentityTheft.gov to report the identity theft and obtain recovery steps. Even if you do not find any suspicious activity on your initial credit reports, the FTC recommends that you check your credit reports periodically so you can spot problems and address them quickly.

5. You may also want to consider placing a free credit freeze on your file. A credit freeze prevents potential creditors from obtaining your credit report, making it less likely for an identity thief to open new accounts in your name. To place a freeze, contact each of the major credit bureaus using the links or phone numbers above. A freeze will remain in place until you ask the credit bureau to temporarily lift or remove it.

6. Visit IdentityTheft.gov/databreach, for additional resources and help to protect yourself from identity theft or call 1-877-438-4338.

7. Learn more about your rights under the Fair Credit Reporting Act here.

8. Contact your local Attorney General or local law enforcement to report suspected identity theft by filing or obtaining a police report.

Thank you for your continued support. We will continue to keep you updated.


3. The Federal Trade Commission (FTC) recommends that you place a free fraud alert on your credit file. A fraud alert tells creditors to contact you before they open any new accounts or change your existing accounts. This can be done by contacting any one of the three major credit bureaus:

Equifax: equifax.com/personal/credit-report-services or 1-800-685-1111
Experian: experian.com/help or 1-888-397-3742
TransUnion: transunion.com/credit-help or 1-888-909-8872


Could someone please explain how this works? Is this worldwide? Is this for residents of any country? If you cancel your credit card do you still have to contact those credit bureaus and place a fraud alert?
 
2
•••
What I am sure of, is that, Epik is coming out from this big and better.
What the enemies meant for evil is turning into greatness for Rob and Epik in general.
People can be so wicked. The business he has been building all through his life can't just go down the drain. God never forsake his own people. God said "When you walk through the fire, you will not be burned; the flames will not set you ablaze.

yes I agree,
you better stay with epik
 
4
•••
Back