alert Epik Had A Major Breach

[Silentptnr]

Just read this. Looks like Epik may have been hacked and sensitive data compromised...

Read here:
https://domainnamewire.com/2021/09/14/hackers-claim-significant-epik-breach/

Thought I would share this.

 

[bmugford]

I pressed them and they auto approved. I disagree its good to wait a week. I have 2Factor on and zero reason to not approve my request. One of the names I sold. Not telling my customer to wait a week

I think that is a tough situation. They basically went from not being aware of a data breach, to it being some remote backup server, to a situation now where it appears like pretty much all their data was breached.

I doubt Epik really even knows the scale of the data breach. There is a fine line to balance between allowing transfers and protecting customers. It is certainly inconvenient when it comes to doing business though.

Brad

 

[Windoms]

I'm starting to think that Epik should better sell the business asap.

Lol whose buying them no ones crazy.

There goes epiks last fanboy customer.
The lawn is epik's ground.
The tiger is the hackers.
The water is whatever we can find first.

 

[Windoms]

I think they just want to freak us out.
Quite effective if you ask me.

 

[Lox]

For Epik - cover/ secure directories (open folders , etc) @ Fe….Id… and Id,Fe…id…. (/../../../files)

Regards

 

[Shackleton]

I wouldn't give Monster a nickel. Yet he somehow managed to compromise the main e-mail that I've had for more than 20 yrs in this hack. I demand one year of a free credit monitoring service. People better get their Masterbucks out while they can as everything is going to fall apart.

 

[Joe123]

I thought I've had absolutely nothing to do with Epik, I don't recall ever creating an account or doing business with them.

For the heck of it I checked my primary email address on the Have I Been Pwned website. What do you know, but Epik is listed as one of the breaches!

Searching my email history, I discover a solitary email containing the word "epik", from 2015:

Hello Xxxxx:

I am the Client Services Manager here at Epik.com.

According to the most recent published ICANN report, Epik is one of the fastest growing registrars in terms of net domains added. The fact is our customers love us and rewarded us with a 90% growth rate in Q1 2015.

I am wondering if I could get a few minutes of your time to discuss how Epik's full-service registrar and hosting platform can help you to get more out of your domains while simplifying domain management.

Are you available for a quick call?

Thanks!​

 

[DN_Hunter]

I think it's better with no approve button right now. With domains at risk in case someone somehow gets a valid auth code for a domain (and maybe is able to login somehow, to unlock a domain too), it allows more time to notice an unauthorized transfer out.

But if you ask support, are they able to expedite it so the transfer goes through?

Yes, I sent them an email the domain names to Approve Transfer, and my Account Pin# (I changed the PIN# afterwards). They approved the transfer and the domain names transferred out succesfully.

When I do transfers, I don't like to wait the 4-6 days. So I only use Registrars that allow Immediate Transfer Approvals.

 

[Lox]

If PWNED: Domain investors should change the email address - everywhere, every registrar. Create a new email address & start. Don't use your pwned email address for whois. (* A bunch of registrars will impose a 60D lock.) IMO

Regards

 

[branding]

... In February 2021 epik.com got hacked via their service provide AWS ... And did not notify any customers or clients of these events ....

... The data was released from the data breach of Epik early August 2021 to identify the hackers...

Not gonna send any traffic to the source but if true that's a questionable timeline of events.

 

[Jurgen Wolf]

@Lox
My WHOIS email even in 3 breaches, epik is just 3rd.
Never had any 60d locks with registrars due to this reason.

 

[frank-germany]

I was thinking of such recently without reading anyones info but did not wanted to post because most already think I m crazy.
We the end users have the illusion of security which was created for us, but there are intentional direct access back doors which are created for them, those who rule Echelon project.
Here is something that I experience from when I have begin domaining, every time I don't hand register some specific domains I take a screenshot as evidence for later, the next day I decide to go and hand reg those domains and I see that some of them are already registered with some old reg date, then I go to chk my screenshots and surprise the screenshot is nowhere to be found, I trust my memory and I know I m right.
The domains were hand registered at different registrars but the most frequent was Godaddy you know the DN beast of internet.

go and prove that next time
in posting the screenshot the same day here at namepros

I'm so sick of fake news

 

[frank-germany]

Once again, enough with the flame wars. People are busy trying to figure out how to respond; they don't want to read through pages of the same arguments that have been taking place for years--it's not helpful.

yes, but this place is a forum
so I think
it's the right places to discuss these issues

 

[Lox]

@Lox
My WHOIS email even in 3 breaches, epik is just 3rd.
Never had any 60d locks with registrars due to this reason.

E data; personal info+emails <> domains: has made it less complicated to steal/hijack (valuable) domains. IMO
----
If registrar doesn't use " internal whois change", the 60d lock can be forced.

 

[Jurgen Wolf]

https://www.internetx.com/en/domains/become-a-reseller/
Submit this form - and they will answer all your questions.
I'm not their representative and not their partner.

Prices depend on your volume.
That's all I can say.

I know at least 2 domainers there...
Were no complaints regarding quality of their service.

 

[Lox]

.

My prediction: After this, a capital injection will be used to expand the E ecosystem operation.

My prediction is not valid anymore.

 

[Samer]

This is a fake terrorist Anonymous.

Samer

 

[robs01]

Why is it that we have the same commenters going on and on and on and on and on and on with hammering Epik on this, and pushing that people get away from them? How many comments have the same people done in this one thread?

This behavior would/should under normal circumstances be labelled as trolling, yet nobody says a word about it. It is identical to what the corrupted media does against Epik. I wonder if this is deliberate, or if they simply don't realize the excessive obsessiveness of what they are doing?

 

[branding]

Why is it that we have the same commenters going on and on and on and on and on and on with hammering Epik on this, and pushing that people get away from them? How many comments have the same people done in this one thread?

This behavior would/should under normal circumstances be labelled as trolling, yet nobody says a word about it. It is identical to what the corrupted media does against Epik. I wonder if this is deliberate, or if they simply don't realize the excessive obsessiveness of what they are doing?

It has nothing to do with Epik. It's about warning people so they can keep their assets safe. Since communication from E is underwhelming Its only a good thing people keep adding info to this thread.

 

[Jurgen Wolf]

I use Epik for MANY years and also MANY my domains there...
And they offered only hugs.

 

[oldtimer]

Why is it that we have the same commenters going on and on and on and on and on and on with hammering Epik on this, and pushing that people get away from them? How many comments have the same people done in this one thread?

This behavior would/should under normal circumstances be labelled as trolling, yet nobody says a word about it. It is identical to what the corrupted media does against Epik. I wonder if this is deliberate, or if they simply don't realize the excessive obsessiveness of what they are doing?

Good points,

There are mainly two reasons for this:

Money

and

Politics

When it comes to money you have to realize that there might be hidden loyalties and alliances behind the scenes between some domainers and other registrars that see this as an opportunity to take one of their competitors out and perhaps take over some of their customers.

And as far as politics go, well we all know that some people seem to have an ideological vendetta against Epik that has been going on for a long time and rightly or wrongly they see this as an opportunity to vent some of their frustrations.

The only way to have a positive ending to this situation is to use this opportunity to bring some reforms to Epik and to the domain Industry at large (perhaps even to NamePros too).

IMO

 

[DomainNature]

Why is it that we have the same commenters going on and on and on and on and on and on with hammering Epik on this, and pushing that people get away from them? How many comments have the same people done in this one thread?

This behavior would/should under normal circumstances be labelled as trolling, yet nobody says a word about it. It is identical to what the corrupted media does against Epik. I wonder if this is deliberate, or if they simply don't realize the excessive obsessiveness of what they are doing?

This is because most of those who comment against Epik are Agents of other registrars, and for them is a plus what happens, I would not exclude them to be involved in the hack, as I asket a registrar in feedback before this hack "what you will do now that Epik has best prices and support on the marked" well it can be who knows, nothing is a coincidence.

 

[bmugford]

Good points,

There are mainly two reasons for this:

Money

and

Politics

When it comes to money you have to realize that there might be hidden loyalties and alliances behind the scenes between some domainers and other registrars that see this as an opportunity to take one of their competitors out and perhaps take over some of their customers.

And as far as politics go, well we all know that some people seem to have an ideological vendetta against Epik that has been going on for a long time and rightly or wrongly they see this as an opportunity to vent some of their frustrations.

The only way to have a positive ending to this situation is to use this opportunity to bring some reforms to Epik and to the domain Industry at large (perhaps even to NamePros too).

IMO

Again, politics aside this appears to just be some really shitty cybersecurity.

- Storing stuff like credit cards, passwords, etc. in plain text.
- Using internal passwords like "123"
- Ignoring warnings about potential for security breaches.
- Data breach includes subpoenas and grand jury information involving ongoing investigations.
- Initially downplaying the seriousness of the hack.

and much more...

Instead of the classic ignore, deflect, blame others Epik is going to be forced to take responsibility for this one, especially when it now involves data linked to 3rd parties that had nothing to do with Epik.

All you have to do is go on Twitter in the last day and see countless people talking about being caught up in this data breach, and having no idea who Epik is.

They are also going to have to answer to major credit card companies on why payment information was stored in plain text.

Brad

 

[oldtimer]

Again, politics aside this appears to just be some really shitty cybersecurity.

- Storing stuff like credit cards, passwords, etc. in plain text.
- Using internal passwords like "123"
- Ignoring warnings about potential for security breaches.
- Data breach includes subpoenas and grand jury information involving ongoing investigations.
- Initially downplaying the seriousness of the hack.

and much more...

Instead of the classic ignore, deflect, blame others Epik is going to be forced to take responsibility for this one, especially when it now involves data linked to 3rd parties that had nothing to do with Epik.

The are also going to have to answer to major credit card companies on why payment information was stored in plain text.

Brad

All Good points,

Although at some point everyone has to decide whether they want to see some reforms at Epik (and the domain Industry at large) or whether they are out for blood and want to destroy.

If the objective is to bring about some reforms then the discussions have to take a different direction.

IMO

 

[bmugford]

All Good points,

Although at some point everyone has to decide whether they want to see some reforms at Epik (and the domain Industry at large) or whether they are out for blood and want to destroy.

If the objective is to bring about some reforms then the discussions have to take a different direction.

IMO

Yeah, and that point is a long way away. Epik is going to be dealing with the fallout from this for a long time.

They have barely even given much of an update on what actually happened, how it happened, what customers are supposed to do, etc.

They have a lot of explaining and damage control to do regarding how this situation happened until they can even worry about rebuilding their brand.

Brad

 

[bmugford]

Lots of posts on Twitter just like this -


jonathanwthomas
@jonathanwthomas

5m
So, this is nice. A company I’ve never done business with, and would never do business with, has my personal information on file and it was just unveiled in a massive hack. Great. Epik clearly does not care about anyone’s privacy. Time for data protection orgs to be notified.

Richard Hay
@WinObs
·
10m
I was notified this weekend that my data was in this breach. I've never done business with Epik. Why am I part of this? Because they scraped the WHOIS database and saved that data on their servers. It is time for Domain Privacy to no longer be an up charge by registrars!

This data breach involves millions of people's information that have never done business with Epik, due to them scraping WHOIS.

Brad