NameSilo

Epik Had A Major Breach

Labeled as alert in Warnings and Alerts, started by Silentptnr, Sep 14, 2021

Replies:
3,100
Views:
167,105

  1. tonyk2000

    tonyk2000 Top Contributor VIP ★★★★★★★★★★

    Posts:
    2,466
    Likes Received:
    4,416
    Important observation: a lot of customers, especially non-U.S. based ones, have no interest in U.S. politics at all. Not only this, they do not care about differencies between lets say East Coast and West Coast, Weinstein and Epstein, Republicans and Democrats...
    Which is why an IT company, especially if it is providing services worldwide, shout simply stop mixing the business and politics...
     
    Last edited: Sep 19, 2021
    The views expressed on this page by users and staff are their own, not those of NamePros.
  2. xeroox

    xeroox Established Member

    Posts:
    585
    Likes Received:
    872
    And religion
     
  3. kite26

    kite26 Fearless Bird VIP

    Posts:
    6,144
    Likes Received:
    5,837
    I don't really want to say if i agree with mixing politics on business or not. However, i am sure that it has impact for a company which want to make a difference, positive or negative. Only the time will show if they can survive that.
     
    Last edited: Sep 19, 2021
  4. Jurgen Wolf

    Jurgen Wolf Top Contributor VIP ★★★★★★★★★★

    Posts:
    12,052
    Likes Received:
    10,932
    You already know: where is Moniker.
     
    Last edited: Sep 19, 2021
  5. jmcc

    jmcc Top Contributor VIP ★★★★★★★★★★

    Posts:
    1,990
    Likes Received:
    2,464
    .COM Moniker Online Services LLC (IANA Id 228) 294,256

    Moniker had become a major player in the early domain name market but a lot of the buzz went out of the market when both large-scale Domain Tasting stopped and the SubPrime/property bubble burst. Think it is owned by a larger operator now. The highly successful hosting/registrar brands tend to target a wide market rather than concentrating on a niche.The reality is that many non-domainer registrants don't pay a lot of attention to which registrar they use. They tend to use the market leaders and continue to renew their domain names for the lifetime of their business. As the registrar reports show, transfers between registars are generally quite low compared to new and deleted registrations. At a web hoster level, the transfers are far more obvious.

    Regards...jmcc
     
    Last edited: Sep 19, 2021
  6. cbd

    cbd Top Contributor VIP Gold Account

    Posts:
    2,371
    Likes Received:
    1,299
    Here's just one example of what's being done with the massive data dump. Folks are just getting started, and intentions will vary. That's a shitload of now-public data. Some will be intent on profiting off the financials, others will stick to ideological goals, some simply enjoy chaos, others may attempt a ransomware attack.

    And you have to keep in mind that not all breaches are intentionally or quickly exposed - if it hadn't been made public in this manner, who knows how long it would have taken for it to be discovered.

    Personally I have zero confidence that there's only one exploitable hole in Epik, considering that they've apparently been ignoring multiple warnings about serious issues with their platform, and based on the shoddy work that has now come to light.

     
    Last edited: Sep 19, 2021
  7. cbd

    cbd Top Contributor VIP Gold Account

    Posts:
    2,371
    Likes Received:
    1,299
    @Rob Monster Will Epik allow this in this scenario, since it's permitted by ICANN?

    I think it's certainly appropriate considering the circumstances. It's not unreasonable for people to have serious concerns about the security of their domains locked at Epik.
     
    Last edited: Sep 19, 2021
  8. cbd

    cbd Top Contributor VIP Gold Account

    Posts:
    2,371
    Likes Received:
    1,299
    This just went out to over 6 MILLION Anonymous followers:



     
  9. Lox

    Lox _____ VIP

    Posts:
    3,822
    Likes Received:
    7,008
    US > Data Breach Response: A Guide for Business (FTC.GOV) PDF Attached.

    Regarding the EU Data protection... since personal etc information is invloved... "Data Protection Authority must be notified of a certain incident, and possibly the data subjects as well etc." (EU Data breach)

    Regards
     

    Attached Files:

    • DBR.pdf
      File size:
      321.4 KB
      Views:
      17
    Last edited: Sep 19, 2021
  10. Jurgen Wolf

    Jurgen Wolf Top Contributor VIP ★★★★★★★★★★

    Posts:
    12,052
    Likes Received:
    10,932
    Moniker was one of popular pornographic registrars.
     
  11. DirkS

    DirkS Dutchman.info VIP

    Posts:
    7,362
    Likes Received:
    6,750
    Out of curiosity, looking out for my own data, is there a way to check whether it's been reported?

    @epik , did you report it?

    There's a fair amount of EU located domainers here who are probably wondering the same thing.
     
  12. Jurgen Wolf

    Jurgen Wolf Top Contributor VIP ★★★★★★★★★★

    Posts:
    12,052
    Likes Received:
    10,932
    Don't tag @epik
    This account is dormant.
     
  13. DirkS

    DirkS Dutchman.info VIP

    Posts:
    7,362
    Likes Received:
    6,750
    They already allowed it before breach. Contact tony at E .com (you'll figure out the address) to request unlocking your names and provide the Auth codes. That was the procedure pre #epikfail
     
  14. DirkS

    DirkS Dutchman.info VIP

    Posts:
    7,362
    Likes Received:
    6,750
    Doesn't matter. They're following the thread anyway. But thanks :)
     
  15. DirkS

    DirkS Dutchman.info VIP

    Posts:
    7,362
    Likes Received:
    6,750
    Regarding transfer outs. If we transfer out within 45 days after we transferred to Epik, can we request a refund? since the registry will refund you?

    @Rob Monster
     
  16. Lox

    Lox _____ VIP

    Posts:
    3,822
    Likes Received:
    7,008
    Don't know.
    F.e. ... In April 2021, for delay in reporting data breach t.t. Dutch Authority, Booking.com has imposed a €475,000 fine
     
  17. Jurgen Wolf

    Jurgen Wolf Top Contributor VIP ★★★★★★★★★★

    Posts:
    12,052
    Likes Received:
    10,932
    I guess, they will forward you to hackers for this refund.
     
    Last edited: Sep 19, 2021
  18. CraigD

    CraigD Top Contributor VIP

    Posts:
    4,840
    Likes Received:
    11,377
    Wouldn't Epik have to operating in said countries to be in breach of their laws?
     
  19. DirkS

    DirkS Dutchman.info VIP

    Posts:
    7,362
    Likes Received:
    6,750
    Short version... No :). Goes beyond the scope of this thread. It's complicated.
     
  20. carob

    carob Top Contributor VIP ★★★★★★★★★★

    Posts:
    3,859
    Likes Received:
    5,373
    No.

    https://gdpr.eu/companies-outside-of-europe/

     
  21. carob

    carob Top Contributor VIP ★★★★★★★★★★

    Posts:
    3,859
    Likes Received:
    5,373
    About the obligation to notify of a breach under GDPR
    https://ec.europa.eu/info/law/law-t...ch-and-what-do-we-have-do-case-data-breach_en
    Googling this turned up quite a few ads for law firms offering to seek compensation for anyone affected by a breach!
     
    Last edited: Sep 19, 2021
  22. MasterOfMyDomains

    MasterOfMyDomains Top Contributor VIP ★★★★★★★★★★

    Posts:
    5,141
    Likes Received:
    5,832
    Found this on twitter via @epikfailsnippet
    Not sure if its relevant, dont know about any of these sites.

    In case anyone was curious, here are all of the domains owned by Michael Zimmerman aka Alex Jones' IT Director for FreeSpeech, LLC dba InfoWars

    pastebin.com/a8xQfY0H

    #EpikFail
    ——————————-
    From @blue_leaks
    Hacktivists from #Anonymous have released 180 GB from the domain registrar Epik. #EpikFail has already revealed who registered the website for the Oathkeepers, for TheDonald .Win, and what other domains are owned by Alex Jones’ IT director:
     
  23. cbd

    cbd Top Contributor VIP Gold Account

    Posts:
    2,371
    Likes Received:
    1,299
    Sounds like failed login attempts may have been stored in plaintext as well, meaning passwords you use on other sites may be included in the now-public data dump also.

    My suggestion then would be to go through and change your passwords essentially everywhere, ASAP, (and not just domain stuff) if you think you "might" have tried logging in with it at Epik in the last 10 years. This means your emails, crypto, online banking, domain marketplaces & registrars, streaming services, restaurant apps, game apps, etc -- anywhere and everywhere you may have used a potentially-leaked password.

    Going forward - be sure to use strong, unique passwords everywhere online. Pain in the ass for sure, but this is the reality of the world we live in.




     
    Last edited: Sep 19, 2021
  24. Mary Muse

    Mary Muse Top Contributor VIP

    Posts:
    1,607
    Likes Received:
    3,126
    Too late for "damage control" from a customer perspective. Idk about y'all but I'm pissed off beyond words. By both the negligent incompetence and the backwards ass politics.

    I wouldn't use Epik even if it was the last registrar on earth.

    They invite chaos and religious/political fanaticism. I just want a safe place to keep my assets, not a circus tent of bullshit.
     
  25. cbd

    cbd Top Contributor VIP Gold Account

    Posts:
    2,371
    Likes Received:
    1,299
     

Want to reply or ask your own question?

It only takes a minute to sign up – and it's free!
Topics / Tags:
NameWorth
  1. NamePros uses cookies and similar technologies. By using this site, you are agreeing to our privacy policy, terms, and use of cookies.
    Dismiss Notice
Loading...