alert Epik Had A Major Breach

[DaveX]

Just read this. Looks like Epik may have been hacked and sensitive data compromised...

Read here:
https://domainnamewire.com/2021/09/14/hackers-claim-significant-epik-breach/

Thought I would share this.

 

[Start]

^ Are those numbers from the hacked info?

The .com figure is more than twice what domainnamestat.com said.

Also, these are pretty high amounts for low quality TLDs:

1. | TOP | 72803 |
2. | XYZ | 53484 |
3. | LONDON | 28444 |
4. | CITY | 23040 |
5. | BOSTON | 17011 |

 

[dirk]

Yes, but they don't have such HUGE volume in these TLDs.
See numbers above...

Agreed. Still a big gap. Let's see how this develops.

 

[blockhead]

Gotta wonder if Rob's looking for a new lawyer after doing that video chat. Definitely a lot to unpack there.

 

[Jurgen Wolf]

Are these Epik reg numbers?

Source of your numbers?

 

[Beezy]

Source of your numbers?

This tweet:

https://twitter.com/x/status/1438995730803294210

(feel free to delete anything mods if you need to).

 

[Jurgen Wolf]

^ Are those numbers from the hacked info?

The .com figure is more than twice what domainnamestat.com said.

Also, these are pretty high amounts for low quality TLDs:

1. | TOP | 72803 |
2. | XYZ | 53484 |
3. | LONDON | 28444 |
4. | CITY | 23040 |
5. | BOSTON | 17011 |

Numbers of Feb'28?
Forget them.
We are talking about the current September's deletes.

 

[Future Sensors]

I'll tag @Rob Monster

Maybe he can tell more.

 

[dirk]

https://twitter.com/x/status/1439020408783654917

 

[Marshall]

Hackers alter Epik’s knowledge base to mock company’s response

Source: https://arstechnica.com/information...of-data-from-epik-web-host-of-gab-and-parler/

 

[namezest]

Any evidence of sub proxy server use? If so then financial stuff is not limited to last 4 digits.
User names passwords addresses emails.....

 

[dirk]

Would've been nice to get that by email. And pin it for f*cks sake!

 

[Jurgen Wolf]

So according to the posted data on previous page - Epik had up to 1.5M domains under their management as of March'1.

Now (including upcoming deletes) they have ~4.5 times less.
https://domainnamestat.com/statistics/registrar/Epik_Inc_-IANA_ID-617

 

[Start]

So according to the hacked data they had up to 1.5M domains under their management as of March'1.
Now they have ~5 times less.

It's not 5 times less, is it?

The page here says ~612,000 domains:
https://domainnamestat.com/statistics/registrar/Epik_Inc_-IANA_ID-617

but also doesn't seem to include .xyz domains.

And the graph shows that as of March 1, 2021, they had (according to domainnamestat anyway) 521,000 domains.

A problem I've noticed in the past is that the numbers at registrar stats site may not be accurate, although it is useful to get an idea of who's bigger.

Also, here's another site with different stats:
https://archive.today/XGiwB

That's from Aug 2020, and that site has figures almost 50% higher than what domainnamestat.com shows for Sept 2020.


Basically, I'm saying the stats on those sites aren't necessarily accurate.

Anyway, ~280,000 domains in redemption/deletion is certainly very high though.

 

[Grilled]

https://twitter.com/x/status/1439020408783654917

Would've been nice to get that by email. And pin it for f*cks sake!

Agreed.

Though, at least this tweet didn't sound like it was written by a menacing conspiracy artist, or make it about religion or politics. It sounds like snarky has been put in his cage at least for the time being.

On an unrelated note, this last tweet about the Epik data breach, is now aging awkwardly above their 2022 HardDrives.com venture tweet.

eg

(Last Tweet) August 23: Sneak peak to our new data protection products
(Newest Tweet) September 18: We lost your/our data.

...


#EpikFail coments:
....

https://twitter.com/x/status/1438535294618267659

...

https://twitter.com/x/status/1438576322666762243

 

[Marshall]

Would've been nice to get that by email. And pin it for f*cks sake!

If that's right then I can only imagine the terrible handling of this situation where a lot of folks maybe haven't even received a mail about the breach.

Well, I've received Rob's mail (I think someone has posted bits of that mail here in this thread) saying that some terrible compromise has happened. Though there was no clear mentioning of a security breach, it was quite understandable that they're hacked.

The mail ends with this:

You are in our prayers today. We are grateful for your support and prayer. When situations arise where individuals might not have honorable intentions, I pray for them. I believe that what the enemy intends for evil, God invariably transforms into good.

Blessings to you all.

Regards,

Rob Monster
Founder and CEO
Epik Holdings Inc

Quite a way to end a high priority security breach mail.

But didn't paid any attention as I don't have any domains with them from a long time.


Some notable points so far:

- Hacker group Anonymous performed the hack named 'Operation Jane' and uploaded 180 GB of user data to torrent sites

- The hacking was performed because of their Right wing support approach and had something to do with The Texas Abortion Law.

- Apparently, website security was so low on Epik’s priorities that hacking it was easy as running a line of code.

(Source: https://narativ.org/2021/09/17/operation-jane/)

 

[Beezy]

If they lose zero domains they can still call themselves the swiss bank, so take that haters.

 

[Jurgen Wolf]

https://en.wikipedia.org/wiki/Stockholm_syndrome

 

[bmugford]

If they lose zero domains they can still call themselves the swiss bank, so take that haters.

Just not the Swiss bank of data.

Brad

 

[.X.]

If that's right then I can only imagine the terrible handling of this situation where a lot of folks maybe haven't even received a mail about the breach.

Well, I've received Rob's mail (I think someone has posted bits of that mail here in this thread) saying that some terrible compromise has happened. Though there was no clear mentioning of a security breach, it was quite understandable that they're hacked.
But didn't paid any attention as I don't have any domains with them from a long time.


Some notable points so far:

- Hacker group Anonymous performed the hack named 'Operation Jane' and uploaded 180 GB of user data to torrent sites

- The hacking was performed because of their Right wing support approach and had something to do with The Texas Abortion Law.

- Apparently, website security was so low on Epik’s priorities that hacking it was easy as running a line of code.

(Source: https://narativ.org/2021/09/17/operation-jane/)

I received a letter as most did...but still have no idea of what financial the hacker holds ...the hack itself i am not mad about ... it happens .. data breach ... it happens ... i am only wanting what the hell financials are in the hackers hands ...

I am not mad at Rob ... I am very disappointed in Rob ... To me...Rob is a good person ...his intentions are usually good.. in this case of the breach and hack... it has been handled very badly for the consumers IMO... yes i know do due diligence on your own with the financials... i did that immediately ... but the no communications has been terrible ...not everyone ..such as myself uses social media ..twitter ..facebook and all that... i don't even have social accounts... so the way i receive any social media posts is here in this very forum ... from a business stand point ... its worse that terrible not to know the financials part of the hack

 

[Lox]

If you're staying @ E ... change your whois email (for admin and tech) asap.