Dynadot

information Epik and your plan

Catch.Club Catch.Club

johnn

WeSellName.comTop Member
Impact
9,596
I know there are a lot of members here have account with Epik so the information from you may help other members.

1. How many names do you have with Epik
2. Are you worried and what's your plan NOW and when the hacking is OVER
 
7
•••
The views expressed on this page by users and staff are their own, not those of NamePros.
Impact
38,798
Guys can I point out something? No one likes a tattle tale but isn't knocking someones faith a no no and considered discrimination? Are any of us here above the law? Just saying.. :unsure:

Just the way the world works. Matthew 5:11
 
4
•••

eternaldomains

Established Member
Impact
542
Years ago one of my (landrush) domains was stolen, and moved to another registrar. I contacted my registrar (not a very popular one) and after some waiting I got my domain back. But if I didn't realize it was missing, then it would have gone forever.. (nothing to do with Epik). .. So, in such cases, if you are awake, probably you can protect your domains. (later sold for 4 figures, big amount for a student).
Don't mind I ask which registrar is this? Having more backup options would be great these days.
 
2
•••

Jurgen Wolf

standforUkraine.comTop Member
Impact
11,827
Epik and your pain.
The most correct thread title here.
 
7
•••
Impact
34,358
Epik should only allow transfers out from here on via not only auth codes but by emailing the owner to double confirm the transfer by clicking on the provided link.
It seems that the auth code for transfer is no longer available directly from site, but only via email (a change from the past). Other registrars I deal with some you can get codes from site, and others only via admin email. In past Epik allowed both. Clearly only email a bit more secure, but immediately on site is more convenient.

Also, at least for me this morning, it does not allow fast approval via the email link (it asks me if I want to approve, but says approval is not allowed at this time). I did not check with customer service if there are ways around this, it is something temporary, or something particular to my transfer (I was just transferring one name, and don't mind if I do end up needing to wait the 5d).

I have 100+ names at Epik, I do not have immediate plans to move most out, will wait and see details and the response. I use 10 different registrars, with most on 4, so it is not like all my names at any registrar.

Bob
 
Last edited:
18
•••

topdom

Top Member
Impact
1,506
Don't mind I ask which registrar is this? Having more backup options would be great these days.

Maybe it was not totally their fault,.. that it was stolen. Maybe it was not stolen, and the registry screwed things up * , so I don't want to say bad things about that registrar.

....*Another strange thing happened in those days. I bought a keyword domain in that tld manually when it was available,..and it was taken away from me because it was a landrush domain owned by someone else (after 2 days)?..
(so if their story was correct, then its "actual owner" could think I stole it. )

The point is, you can get your stolen domain back if you act fast enough (probably).
 
Last edited:
2
•••

kite26

Fearless BirdTop Member
Impact
6,393
My plan?
prison-escape-night.jpg
 
8
•••

Maxasll

Boxweiler.comEstablished Member
Impact
1,610
I think it will be easy when there is any problem to file a lawsuit and get compensation from epik.
 
1
•••

blockhead

TruckerTop Member
Impact
1,597
What we know about this breach keeps getting worse and worse.

I'm not going to regurgitate everything here, but anyone who's ever used Epik should seriously follow along the main thread:

https://www.namepros.com/threads/epik-may-have-had-a-major-breach.1252094/

Essentially, it's not just your Epik account you should be thinking about. It's being claimed that even failed login attempts were stored in plaintext, and now leaked to the public, meaning that not just your Epik password is likely being passed around - but also passwords you may use for any number of other services and apps as well (think bank accounts, crypto accounts, email addresses, streaming services, restaurant apps, etc etc etc).

The potential damage has barely even started. This information is just starting to make the rounds.
 
Last edited:
8
•••

Dude called Michael

Just one more...Established Member
Impact
529
My plan is to stay away from Epik, at least for the time being. I pretty much stopped using them when Afternic dropped the 'swiss bank of domains' from the fast-transfer list.
 
2
•••
What we know about this breach keeps getting worse and worse.

I'm not going to regurgitate everything here, but anyone who's ever used Epik should seriously follow along the main thread:

https://www.namepros.com/threads/epik-may-have-had-a-major-breach.1252094/

Essentially, it's not just your Epik account you should be thinking about. It's being claimed that even failed login attempts were stored in plaintext, and now leaked to the public, meaning that not just your Epik password is likely being passed around - but also passwords you may use for any number of other services and apps as well (think bank accounts, crypto accounts, email addresses, streaming services, restaurant apps, etc etc etc).

The potential damage has barely even started. This information is just starting to make the rounds.

That's horrible. Many people use password manager software to keep their password and just copy and paste it to login when needed.
However, it's not uncommon that someone wrongfully copy another website password when they try to login. :dead:
 
1
•••
So all these skin head, nazi, republican crazies and other actors that no other company would touch, they all gathered in one place, mainly Epik.

Epik had their trust and kinda let them down. I image they are pissed? Do these outfits simply sling words? or are they action orientated?

I guess I may fear for Epik and their safety. Is it that serious?
 
2
•••

Sacoplc

Established Member
Impact
20
To me epik is still the best registrar, I will continue with them..
 
8
•••

ET76

Top Member
Impact
3,011
Also, at least for me this morning, it does not allow fast approval via the email link (it asks me if I want to approve, but says approval is not allowed at this time). I did not check with customer service if there are ways around this, it is something temporary, or something particular to my transfer (I was just transferring one name, and don't mind if I do end up needing to wait the 5d).

Bob

We still can expedite the transfer by contacting their live support @Bob Hawkes , they will approve it for you. I did it last night.
 
Last edited:
6
•••
Impact
34,358
Yes, just to update what I wrote earlier, you can now get auth codes again, and as @ET76 reports can get live support to expedite approval of the transfer.
 
6
•••

frank-germany

domainer since 2001 / musicianTop Member
Impact
14,206
5
•••

NYJimbo

Domain Re-AnimatorTop Member
Impact
6,980
I imagine the hackers are still inside their system(s).
Or will get back in any time. Everything I have seen so far is the epik is following the worst practices for security.
 
3
•••

NYJimbo

Domain Re-AnimatorTop Member
Impact
6,980
My plan is to stay away from Epik, at least for the time being. I pretty much stopped using them when Afternic dropped the 'swiss bank of domains' from the fast-transfer list.
That was the last straw for me. But like a fool i thought the worst was over and could reg some names that i didnt care about FT. Now this finally shows its never going to get better.

Its not the breach that bothers me. Its that the breach exposed how shitty epik is at security and protecting customers.
 
7
•••

Sacoplc

Established Member
Impact
20
3
•••

frank-germany

domainer since 2001 / musicianTop Member
Impact
14,206
One despising epik cannot bring epik down..

don't forget we talk about a domain registrar

and not "the >>lord<<'s domain registrar"
even though Rob thinks so
 
3
•••

kite26

Fearless BirdTop Member
Impact
6,393
Security must be the A and Z for any registrar. For any company, not only registrar actually. All the innovation should come as second priority. What to do the innovation when my cc is leaked?
 
Last edited:
7
•••

NameWell

Established Member
Impact
1,396
"As we work to confirm all related details, we are taking an approach toward maximum caution and urging customers to remain alert for any unusual activity they may observe regarding their information used for our services – this may include payment information including credit card numbers [...] At this time, we have not confirmed that your card information has been compromised. As a precautionary measure, you may choose to contact any credit card companies that you used to transact with Epik and notify them of a potential data compromise to discuss your options with them directly."

This is the only thing that actually worries me right now. What are the chances that hackers were able to reach credit cards data? I guess low... but still. Are you doing anything about it? Are you canceling your cards?
 
Last edited:
2
•••

frostify

Top Member
Impact
937
Just transferred out many of my domains that were on Epik over to another registrar.
Called my bank to cancel my debit card and have a new one with entirely new numbers mailed to me.
Changed all my passwords (using 1Password). It's been an incredible pain in the a**. A long time ago I remember them advertising themselves as the "Swiss Bank of Domains" and I thought I'd picked a secure registrar, boy was I wrong...
 
Last edited:
8
•••

Jurgen Wolf

standforUkraine.comTop Member
Impact
11,827
3
•••

Truespin Domains

Top Member
Impact
1,340
I have stepped back from domaining, but just before I did start using Epik and had been impressed with their platform. I'd assumed that if I got back into it, I'd use them. That won't be happening now.
 
2
•••

Mister Funsky

Top Member
Impact
24,224
Are you doing anything about it? Are you canceling your cards?

Yes...without hesitation. In the last 3 years I have had to cancel cards at one place or another due to a data breach 4 times. Not a big deal, just part of the reality of existing in a digital world filled with criminals.
 
Last edited:
8
•••