alert Epik Had A Major Breach

[DaveX]

Just read this. Looks like Epik may have been hacked and sensitive data compromised...

Read here:
https://domainnamewire.com/2021/09/14/hackers-claim-significant-epik-breach/

Thought I would share this.

 

[mr-x]

That is no way to run a company.

Brad

Well... it's not a good way.

 

[Derek Peterson]

Rob Monster making false claims about his products and services is nothing new. Here is a thread I started several years ago discussing Epik's DDoS white label. If you are wondering why I started acting nicer later in the thread it is because Rob sent me an email asking me to call him (see attachment). When I called him he apologize profusely for helping Gab commit fraud, lying about his products, calling me names wrongly and went on and on about why he was doing the things he was doing I was right and he was wrong and promised to make it all right in the next days. Of course with a bunch of Christian hyper-spiritual talk, which I fell for. However, he did not makes things right, so I resumed.

https://www.namepros.com/threads/is-epik-coms-bitmitigate-for-real.1133231/

 

[finitecrystal]

That is no way to run a company.

Brad

It also doesn't make sense. If that's true the hacker had more access to Epik's registrar server than Epik did. Seems pretty nonsensical to me.

 

[mr-x]

Rob Monster making false claims about his products and services is nothing new. Here is a thread I started several years ago discussing Epik's DDoS white label. If you are wondering why I started acting nicer later in the thread it is because Rob sent me an email asking me to call him (see attachment). When I called him he apologize profusely for helping Gab commit fraud, lying about his products, calling me names wrongly and went on and on about why he was doing the things he was doing I was right and he was wrong and promised to make it all right in the next days. Of course with a bunch of Christian hyper-spiritual talk, which I fell for. However, he did not makes things right, so I resumed.

https://www.namepros.com/threads/is-epik-coms-bitmitigate-for-real.1133231/

I can read all but two digits of his phone number.

 

[Derek Peterson]

I can read all but two digits of his phone number.

I couldn't but reuploaded. Can you still read it?

 

[mr-x]

I couldn't but reuploaded. Can you still read it?

no.

 

[Derek Peterson]

Here are several more examples of me calling out Rob Monster on this site for making false claims.

https://www.namepros.com/threads/wh...-and-rob-monster.1128748/page-55#post-7203420

https://www.namepros.com/threads/wh...-and-rob-monster.1128748/page-55#post-7203431

https://www.namepros.com/threads/wh...and-rob-monster.1128748/page-108#post-7459953

 

[Future Sensors]

The Epik data breach is political in nature — here's why you should care

"Given the prevalence of hacking, it's concerning to see a group of hackers target an organization and its members due to their political beliefs."​

Read more:

https://blog.avast.com/epik-data-breach-avast​

 

[Future Sensors]

The Epik data breach is political in nature — here's why you should care

"Given the prevalence of hacking, it's concerning to see a group of hackers target an organization and its members due to their political beliefs."​

Read more:

https://blog.avast.com/epik-data-breach-avast​

From the article:

The breach mentioned previously took place within the US, so the GDPR does not apply [...]​

But it's not that simple:

https://gdpr.eu/compliance-checklist-us-companies/​

https://blog.netwrix.com/2020/03/27/gdpr-in-the-us/

https://termly.io/resources/articles/gdpr-in-the-us/​

 

[finitecrystal]

The Epik data breach is political in nature — here's why you should care

"Given the prevalence of hacking, it's concerning to see a group of hackers target an organization and its members due to their political beliefs."​

Read more:

https://blog.avast.com/epik-data-breach-avast​

This strikes me as avast! concern trolling about "[political opinions], [...] racial or ethnic origin, religious or philosophical beliefs, or trade union membership, [being] used to discriminate against people throughout history", while completely disregarding the fact that the political opinions of the subset of Epik's customers that inspired the hack are in favor of such discrimination. Very tonedeaf.

 

[DN Playbook]

From the article:

The breach mentioned previously took place within the US, so the GDPR does not apply [...]​

But it's not that simple:

https://gdpr.eu/compliance-checklist-us-companies/​

https://blog.netwrix.com/2020/03/27/gdpr-in-the-us/

https://termly.io/resources/articles/gdpr-in-the-us/​

Does this mean that Epik has legal liability for clients in the EU? How would that work? Since Epik does not have presence outside the US, AFAIK. How would that law be enforced? As far as I can see GDPR would be enforceable only for companies that have legal presence in countries that are part of the EU.

 

[finitecrystal]

Does this mean that Epik has legal liability for clients in the EU? How would that work? Since Epik does not have presence outside the US, AFAIK. How would that law be enforced? As far as I can see GDPR would be enforceable only for companies that have legal presence in countries that are part of the EU.

I'm not a lawyer, but I believe they're required to comply with European data privacy laws if they accept clients in the EU.

 

[FernandoBMS]

Also, is it already clear where the hacked data was stored? I don't doubt it was stored on a server in the UK or Crimea, for example.

 

[.X.]

Does anyone think the Facebook .. Instagram and WhatsApp could be more possible hacking ???

so far as I know of .. Epik .. oath keepers .. are definite hacks with leaks .. I think there is 1 more as well ??

 

[carob]

Does this mean that Epik has legal liability for clients in the EU? How would that work? Since Epik does not have presence outside the US, AFAIK. How would that law be enforced? As far as I can see GDPR would be enforceable only for companies that have legal presence in countries that are part of the EU.

GDPR does apply to Epik, as well as GDPR non-compliance fines:

Law applying outside Europe:
https://www.namepros.com/threads/epik-had-a-major-breach.1252094/page-32#post-8399821

Fines:
https://www.namepros.com/threads/epik-had-a-major-breach.1252094/page-33#post-8400039

Example amounts of fines:
https://www.namepros.com/threads/epik-had-a-major-breach.1252094/page-33#post-8399925

 

[jmcc]

Does anyone think the Facebook .. Instagram and WhatsApp could be more possible hacking ???

so far as I know of .. Epik .. oath keepers .. are definite hacks with leaks .. I think there is 1 more as well ??

FB seems to think that it was their own modifications that broke everything.
https://engineering.fb.com/2021/10/04/networking-traffic/outage/

CloudFlare has a good explanation of the effects:
https://blog.cloudflare.com/october-2021-facebook-outage/

Regards...jmcc

 

[dirk]

Also, is it already clear where the hacked data was stored? I don't doubt it was stored on a server in the UK or Crimea, for example.

AWS was mentioned somewhere. Can't find the link right now.

 

[.X.]

FB seems to think that it was their own modifications that broke everything.
https://engineering.fb.com/2021/10/04/networking-traffic/outage/

CloudFlare has a good explanation of the effects:
https://blog.cloudflare.com/october-2021-facebook-outage/

Regards...jmcc

the reason I asked is the whistle blower on 60 minutes vs the outages happening less than 24 hours later .. coincidence and the unexplainable has become a feast since 2020 … or .. explainable but makes no sense to the contrary.

I remember when I first heard of Hackers .. it appeared more of strategy .. even perhaps a game of jail breaking code to experience the fall out. Some people say that some Hacking groups have been taken over by the CIA and the likes of .. that due to a great Hackers talent to retrieve intelligence Data from websites that are supposed to be Un Hackable … many theories and opinions have been circulating for years now regarding what a government does with these extremely talented hacker individuals once they are caught and a gov has them in custody … would it be far fetched to think a gov would ally with these individuals to do work for them ?? I would think it sounds very logical and practical for the Govs to use these individuals talents .. you have to have the best to defeat the best .. at any rate .. those theories and questions could only be answered by infamous hackers..

It seems Hacking has its own market as well .. it brings in billions if not trillions of dollars in revenue from the sale of coding ..the sale of data .. phone numbers .. softwares and apps .. the old but once very popular Firewall .. IT and internet security specialists .. all of these services derived from the day hacking became a name.. we all want a safe computer and safe websites .. right?? “HTTPS” protocol once sold for good $$$$s .. the price has gone down.. but these goods and services to detour Hacking is passed down to the average consumer buying these products to stay safe on the Net .. to protect your websites .. to protect yourself from identity theft … there’s a huge racket of billions of dollars that the consumer dishes out cash for identity monitoring.. enough is never enough because once you think you have everything safe .. bam .. out comes the next threat you must buy something for to protect your computer .. your website .. your identity .. so it’s a never ending game of shelling out cash for protection against hackers .. exploits ..

How much is enough??

as I have read .. it appears the Epik hack began as a exploit to gather data to expose certain people for their affiliations and so forth … in the end .. thousands of innocent people will have paid the price for the few .. as I doubt the numbers of the targeted will even make up 10% of the complete data dump .. to become a victim of circumstance is most usually construed as a victim heinous crime .. yes it happens as the world goes round .. innocent children and adults are shot by drive by shooters who are targeting a rival and ect … these crimes can not be justified under any circumstance .. not the lack of a innocent child playing outside wearing a bullet proof vest to survive a senseless drive by shooting .. the same applies with any Hack that affects thousands of innocent people .. bad security .. improper data storage .. there is no bad security and improper Data storage ..if someone doesn’t break into it and steal it ..

there is no justification to release millions of innocent non targeted peoples personal information and financials.. collateral damage must be imminent to achieve the objective ?? Tell that to the family who lost an innocent loved one to a drive by shooting .. a drunk driver .. a innocent person who lost their life in a convenient store because an armed robbery occurred while that person was there to by a energy drink..

Crimes are crimes .. when innocent people get caught up in crimes .. they become heinous crime ..

 

[Derek Peterson]

the reason I asked is the whistle blower on 60 minutes vs the outages happening less than 24 hours later .. coincidence and the unexplainable has become a feast since 2020 … or .. explainable but makes no sense to the contrary.

I remember when I first heard of Hackers .. it appeared more of strategy .. even perhaps a game of jail breaking code to experience the fall out. Some people say that some Hacking groups have been taken over by the CIA and the likes of .. that due to a great Hackers talent to retrieve intelligence Data from websites that are supposed to be Un Hackable … many theories and opinions have been circulating for years now regarding what a government does with these extremely talented hacker individuals once they are caught and a gov has them in custody … would it be far fetched to think a gov would ally with these individuals to do work for them ?? I would think it sounds very logical and practical for the Govs to use these individuals talents .. you have to have the best to defeat the best .. at any rate .. those theories and questions could only be answered by infamous hackers..

It seems Hacking has its own market as well .. it brings in billions if not trillions of dollars in revenue from the sale of coding ..the sale of data .. phone numbers .. softwares and apps .. the old but once very popular Firewall .. IT and internet security specialists .. all of these services derived from the day hacking became a name.. we all want a safe computer and safe websites .. right?? “HTTPS” protocol once sold for good $$$$s .. the price has gone down.. but these goods and services to detour Hacking is passed down to the average consumer buying these products to stay safe on the Net .. to protect your websites .. to protect yourself from identity theft … there’s a huge racket of billions of dollars that the consumer dishes out cash for identity monitoring.. enough is never enough because once you think you have everything safe .. bam .. out comes the next threat you must buy something for to protect your computer .. your website .. your identity .. so it’s a never ending game of shelling out cash for protection against hackers .. exploits ..

How much is enough??

as I have read .. it appears the Epik hack began as a exploit to gather data to expose certain people for their affiliations and so forth … in the end .. thousands of innocent people will have paid the price for the few .. as I doubt the numbers of the targeted will even make up 10% of the complete data dump .. to become a victim of circumstance is most usually construed as a victim heinous crime .. yes it happens as the world goes round .. innocent children and adults are shot by drive by shooters who are targeting a rival and ect … these crimes can not be justified under any circumstance .. not the lack of a innocent child playing outside wearing a bullet proof vest to survive a senseless drive by shooting .. the same applies with any Hack that affects thousands of innocent people .. bad security .. improper data storage .. there is no bad security and improper Data storage ..if someone doesn’t break into it and steal it ..

there is no justification to release millions of innocent non targeted peoples personal information and financials.. collateral damage must be imminent to achieve the objective ?? Tell that to the family who lost an innocent loved one to a drive by shooting .. a drunk driver .. a innocent person who lost their life in a convenient store because an armed robbery occurred while that person was there to by a energy drink..

Crimes are crimes .. when innocent people get caught up in crimes .. they become heinous crime ..

I don't agree with your logic:
Everyone caught up in the hack was innocent, except for all of Epik's pedo porn site owners. None of them, as far as I know, were breaking the law in US, where EPIK resides. None of them deserve to have their data stolen or be doxed. None of them deserve to go to prison for things they believe in their hearts, even if they live in an oppressive country, a terrible country with hate speech laws or a country with sharia type laws.

I don't agree with your analogies:
Imagine a school with a bunch of kids, the parents trust their kids with that school but the school has no one at the door checking adults who enter, any ol pervert can enter and rape a child. Of course the perverts are wrong, but there are always perverts in the world, it is the school's responsibility to protect those children from the perverts.

 

[Bob Hawkes]

Same here. Cannot login even though I changed my password after the breach and it worked fine just after that.

I reset password and have no problem logging in - have been in and out a number of times last day doing various things. Hope customer service are able to sort it out for you.
Bob