I have no far-right political beliefs but I use Epik.com almost exclusively due to their low pricing, support, and just general features. This hack makes me really want to consider just jumping ship and finding another registrar. I read the entire โpress releaseโ from Anonymous and this is really bad.
Data (supposedly) includes:
* All domain purchases
* All domain transfers in/out
* All whois history, unredacted
* All DNS changes
* All email forwards, catch-alls, etc
* Payment history
Account credentials for:
all Epik customers, hosting, Anonymize VPN, and so on
Epik internal systems, servers
Epik's GoDaddy logins
...and more! IN PLAINTEXT!
Git repositories for internal applications!
* SSH keys!
* /home/ and /root/ directories of one of their core systems!
Read the full release here from the hacker group known as โAnonymousโ.
Just for the record I do not support or condone the hack in any way, especially given Iโve been a loyal Epik customer.
Iโm extremely concerned if itโs true that lots of data was not properly encrypted and rather stored in plain text as this would just be pure negligence on behalf of Epik but I reserve judgement until we have more information and know all the facts. As it stands it is still extremely concerning. Would love to hear what Rob Monster has to say about this.
Like I said, I am reserving judgement until we have more information and word from Epik/Rob about how far reaching the hack was. We should give them a chance to give their side of the story. If that info was really unencrypted and stored in plain text thoughโฆ.
I think it goes without saying that everyone with an Epik account should IMMEDIATELY change their password and setup 2-factor authentication if you havenโt already.
