alert Epik Had A Major Breach

[DaveX]

Just read this. Looks like Epik may have been hacked and sensitive data compromised...

Read here:
https://domainnamewire.com/2021/09/14/hackers-claim-significant-epik-breach/

Thought I would share this.

 

[Nikhil Jain]

Ok. So out of curiosity, I just logged into my Epik account just now only to find 3 of my domains in 'Unlock' state.

I checked and there is no transfer out taking place on them and they look fine. As per whois, and after verifying with chat support I can confirm these domains got unlocked on 15th or 16th Sept 2021.

I do not know if this has any relation to this incident that took place with Epik.

But just thought of sharing this scenario so that other members can verify that their domains are secured.

Epik support has forwarded my concern to their technical team to see if there was any unauthorized access into my account.

 

[eternaldomains]

The attack does not appear to have been successful. The attacker appears to have grown frustrated and attempted to register a new account when they weren't able to compromise existing accounts. The new account was flagged for review and closed.

If this is how the hacker does things then I have 4 suspects:

-------------------------------------------------------------------
Nidoma, BrandDo, PotDomains, & SEDO ?!?!!?!
-------------------------------------------------------------------

The one in red is highly suspect because it's the only one I registered under their UK subdomain [sedo.co.uk], the rest are under Italy, Private/Cayman, and US.

Now I believe the one impersonating me should have his account flagged for precaution.

https://domainnamestat.com/statistics/registrar/Epik_Inc_-IANA_ID-617

Upcoming deletes 279,329 (45.57%)

This site - I noticed the numbers change frequently. Just yesterday it was 46+%. Daily regs changed from XX to XXX even for data 2 days ago. So I'm not sure how accurate is this site. Anyone here from Alpnames? The site showed that Alpnames still have names there, seriously.

Ok. So out of curiosity, I just logged into my Epik account just now only to find 3 of my domains in 'Unlock' state.

I checked and there is no transfer out taking place on them and they look fine. As per whois, and after verifying with chat support I can confirm these domains got unlocked on 15th or 16th Sept 2021.

I do not know if this has any relation to this incident that took place with Epik.

But just thought of sharing this scenario so that other members can verify that their domains are secured.

Epik support has forwarded my concern to their technical team to see if there was any unauthorized access into my account.

Have you changed pw yet since the hack announcement? More data we have the better.

 

[Nikhil Jain]

Have you changed pw yet since the hack announcement? More data we have the bette

Yes I had changed the password probably on the day this thread came up.

 

[Jurgen Wolf]

It doesn't matter: how they update this stats.
Risks to lose domains remain the same.

 

[NicTraders]

@Paul Thanks for all your input here. Great to have someone who actually knows what they're talking about, instead of lots of assumptions. Anyway, I was just wondering if you've established from the dataset whether CVV's were stored with the CR Card details?
Thanks!

 

[Jurgen Wolf]

The site showed that Alpnames still have names there, seriously.

Why not???
They can have ccTLDs regardless of ICANN accreditation.

 

[Jurgen Wolf]

Epik support has forwarded my concern to their technical team to see if there was any unauthorized access into my account.

So you didn't use 2FA, right?

 

[Nikhil Jain]

So you didn't use 2FA, right?

No. At Epik, I never had 2FA.

 

[Mister Funsky]

I just logged into my Epik account just now only to find 3 of my domains in 'Unlock' state.

This has happened to me in the past causing significant panic. I immediately reactivated the lock and asked what happened...I got a response but can't access that file at the moment but it was sufficient to keep me calm. Since they do not send an email (like some other registrars do) when an unlock happens, out of habit I check my lock status on a regular basis.

btw, activate 2fa now if you have not

 

[Jurgen Wolf]

As of now, epik.com doesn't work for me at all.
NXDOMAIN response.
The same I see via https://cachecheck.opendns.com

 

[Mister Funsky]

As of now, epik.com doesn't work for me at all.

Gone now for me as well.

ADD...now it is back

 

[johnn]

The $2,000 question is where is Rob Monster hiding.
The last time that he post/spam something here is on September 7.
Not a good and professional practice to leave thousand of customers here in the dark.

 

[namezest]

Maybe the noobs need to watch now for phishing emails.

 

[Jurgen Wolf]

The $2,000 question is where is Rob Monster hiding.
The last time that he post/spam something here is on September 7.
Not a good and professional practice to leave thousand of customers here in the dark.

He is here daily.
But only in DM mode.

 

[Lox]

3.5 hours of Epik CEO Rob Monster's live Q&A

 

[bmugford]

Is this Epik's current strategy? It sure seems like it.

 

[Future Sensors]

3.5 hours of Epik CEO Rob Monster's live Q&A

Rob should buy them better microphones.

 

[johnn]

The microphones have been hacked also.

 

[DaveX]

Makes no sense....

2hrs ago..

https://twitter.com/x/status/1439224134878310405

43 min ago...

https://twitter.com/x/status/1439264079290507270

 

[Jurgen Wolf]

No posts = No dislikes.
This is their strategy.