NameSilo

Epik Had A Major Breach

Labeled as alert in Warnings and Alerts, started by Silentptnr, Sep 14, 2021

Replies:
3,352
Views:
178,196

  1. bmugford

    bmugford www.DataCube.com PRO VIP ICA Member ★★★★★★★★★★

    Posts:
    14,147
    Likes Received:
    27,255
    Yeah, this is a key point. We are not dealing with a company worth billions of dollars.
    They have massive exposure, especially when it comes to the domain investing community.

    It would be in their best interest to release some kind of update. It is not believable in my view that law enforcement would be stopping them from issuing a basic statement.

    The longer it goes on, the worse it is going to get.

    Brad
     
    Last edited: Sep 15, 2021
    The views expressed on this page by users and staff are their own, not those of NamePros.
  2. Jurgen Wolf

    Jurgen Wolf Top Contributor VIP ★★★★★★★★★★

    Posts:
    12,074
    Likes Received:
    10,958
    They act like nothing happened or fake news. This tactics was chosen.
    ~3h ago I have received reply in my yesterday's ticket: As far as I'm aware, we are not being attacked by DDoS.
     
    Last edited: Sep 15, 2021
  3. bmugford

    bmugford www.DataCube.com PRO VIP ICA Member ★★★★★★★★★★

    Posts:
    14,147
    Likes Received:
    27,255
    I don't think the head in the sand approach is going to be a winning strategy here.

    This story is starting to make it on more mainstream news sites -
    https://www.jpost.com/diaspora/anti...ata-from-far-right-webhost-epik-report-679573

    Brad
     
    Last edited: Sep 15, 2021
  4. Paul

    Paul CTO, NamePros CTO VIP Gold Account

    Posts:
    2,205
    Likes Received:
    4,245
    I think you're probably expecting a bit much from such a small company this early in the game. I'm not saying their response--or lack thereof--is reassuring, but it's par for the course. Most people involved probably don't even know the difference between a DDoS attack and a data breach.

    That's not to excuse their lack of security or preparedness, but we've seen similar behavior in the industry from other, less controversial companies.
     
  5. bmugford

    bmugford www.DataCube.com PRO VIP ICA Member ★★★★★★★★★★

    Posts:
    14,147
    Likes Received:
    27,255
    When you are a small company with so much exposure to one community, it is normally in your best interest to say something.

    No one is asking for some detailed analysis of every aspect of this hack. They just want some type of update, which I think is more than reasonable.

    Brad
     
  6. NickB

    NickB it's a mystery VIP

    Posts:
    5,688
    Likes Received:
    13,751
    Surely the decision makers in any company no matter what the size would be able to make an announcement no matter how small to show people they are working on it?
     
  7. Magul

    Magul White Bread is Head VIP ★★★★★★★★★★

    Posts:
    2,630
    Likes Received:
    1,210
    Epik is innovative and innovation improves bottom line for the industry.
     
  8. Jurgen Wolf

    Jurgen Wolf Top Contributor VIP ★★★★★★★★★★

    Posts:
    12,074
    Likes Received:
    10,958
    So slowness from nothing...
    Just overload from customers.

    According to my previous tickets and LiveChat - DDoS events are not rare on Epik, and were always confirmed if any.
     
  9. iAdam

    iAdam iadam.com ★★★★★★★★★★

    Posts:
    683
    Likes Received:
    1,558
    Probably they are still investigating, and they can't make announcement if they don't know what exactly happened.
     
  10. Paul

    Paul CTO, NamePros CTO VIP Gold Account

    Posts:
    2,205
    Likes Received:
    4,245
    Of course, but incident response is a tricky beast. It's overwhelming at best. Even the most prepared teams have to prioritize and end up making decisions that don't necessarily look great in hindsight.

    There's always a human element, and as someone who's had experience being paged at 4 AM while on vacation because some random person decided that would be a great time launch an attack, I certainly empathize with what they're going through right now. Again, that's not to say I condone the silence or their security practices, but it's a tough situation to be in.

    Keep in mind the actual attack in the spotlight here wasn't a DDoS attack, and it's important not to conflate the two. Denial of Service is just that: users have trouble accessing a service. It doesn't mean data has been leaked. That's not what appears to have happened here.

    When enough real people visit a website, it has the same effect as a DDoS attack. If a lot of people are trying to log in right now, it will be indiscernible from the users' perspective: the site will slow down and fail to function properly. That's not an attack; that's just a side effect of everyone panicking.
     
  11. Jurgen Wolf

    Jurgen Wolf Top Contributor VIP ★★★★★★★★★★

    Posts:
    12,074
    Likes Received:
    10,958
    Were troubles...
    Yesterday were even periods of up to 20 minutes, when Federated Identity login page didn't load at all.
     
    Last edited: Sep 15, 2021
  12. xdomainer

    xdomainer Top Contributor VIP ★★★★★★★★★★

    Posts:
    1,914
    Likes Received:
    702
  13. Kenny

    Kenny Top Contributor VIP Gold Account ★★★★★★★★★★

    Posts:
    14,920
    Likes Received:
    16,906
    @Paul Thanks for stepping up and letting us hear from your trusted perspective. There will be a lot of BS from both sides on this and hearing it from someone without an agenda helps.

    Peace,
    Kenny
     
  14. Jurgen Wolf

    Jurgen Wolf Top Contributor VIP ★★★★★★★★★★

    Posts:
    12,074
    Likes Received:
    10,958
    And I noticed these troubles even BEFORE this thread was started...
     
  15. NickB

    NickB it's a mystery VIP

    Posts:
    5,688
    Likes Received:
    13,751
    The Telegraph is a conservative newspaper - if you had said the Guardian.......maybe
     
  16. Jurgen Wolf

    Jurgen Wolf Top Contributor VIP ★★★★★★★★★★

    Posts:
    12,074
    Likes Received:
    10,958
    Use Google...
    This is just one publication from MANY sources...
     
  17. Paul

    Paul CTO, NamePros CTO VIP Gold Account

    Posts:
    2,205
    Likes Received:
    4,245
    Let's not let this devolve into yet another flame war over Epik or politics. Given the circumstances, that would be entirely unfair to everyone involved. Notable sites in our industry have been getting hacked more and more often, regardless of their political alignment or lack thereof. Pointing fingers and debating motive does not help us move forward.

    Moderators, please take note.
     
  18. DN_Hunter

    DN_Hunter Top Contributor VIP ★★★★★★★★★★

    Posts:
    1,228
    Likes Received:
    760
    Were there any reports that Masterbucks data was leaked?
     
  19. VadimK Iberica

    VadimK Iberica Established Member

    Posts:
    844
    Likes Received:
    1,475
    I agree. I was changing some prices yesterday and every time it was taking like 20 sec to update the price, while before the change was in an instance, less than a second.
     
  20. OmarVG

    OmarVG Top Contributor VIP

    Posts:
    3,031
    Likes Received:
    4,307
  21. Jurgen Wolf

    Jurgen Wolf Top Contributor VIP ★★★★★★★★★★

    Posts:
    12,074
    Likes Received:
    10,958
    ^
     
  22. Paul

    Paul CTO, NamePros CTO VIP Gold Account

    Posts:
    2,205
    Likes Received:
    4,245
    It was on Hacker News yesterday, and probably on 4chan before that. Of course, it's possible there's also an ongoing DDoS attack, but it makes little practical difference.
     
  23. .X.

    .X. In God I Trust VIP ★★★★★★★★★★

    Posts:
    17,111
    Likes Received:
    21,599
    I have read they hacked it over the new Texas Abortion law .. as well as some of the domain sites that were allowed in .. or ALT Right people that use the hosting services or some shit like that … at any rate .. in the article I read it said they are going to release the data and whatever ..

    I don’t care about name .. address .. phone number or any of that stuff getting out .. I would give all that out and not even care ..

    So it’s all about financial info IMO .. credit .. debit card and ect .. I have been through a couple of data breach situations .. one of them I just waited to see if my CC would be used .. it was .. for two identical $500 purchases .. I got with the FBI after going through the fraud protocol with CC company .. the FBI located the person that made the charges on mine as well as others CC ..it was dark web shit and ended up resulting in 18 federal arrests
     
    Last edited: Sep 15, 2021
  24. Jurgen Wolf

    Jurgen Wolf Top Contributor VIP ★★★★★★★★★★

    Posts:
    12,074
    Likes Received:
    10,958
    So their BitMitigate is not ready even for Hacker News readers???
    Sorry, but I can't comment anymore these theories.
     
  25. Paul

    Paul CTO, NamePros CTO VIP Gold Account

    Posts:
    2,205
    Likes Received:
    4,245
    I would hope that their login form is having trouble because they're using something more secure than MD5 for that system. Without getting too technical, the more secure your password storage solution, the more susceptible it is to being overloaded.
     

Want to reply or ask your own question?

It only takes a minute to sign up – and it's free!
Topics / Tags:
biix
  1. NamePros uses cookies and similar technologies. By using this site, you are agreeing to our privacy policy, terms, and use of cookies.
    Dismiss Notice
Loading...