alert Epik Had A Major Breach

[DaveX]

Just read this. Looks like Epik may have been hacked and sensitive data compromised...

Read here:
https://domainnamewire.com/2021/09/14/hackers-claim-significant-epik-breach/

Thought I would share this.

 

[The Rover]

There should be a more public statement than just email. Use social media, blog, etc., to push back and rebuild confidence. All hands on deck.

They're likely utterly inundated and trying to assess everything before releasing further details. They probably don't want to "tip off" what they know and don't know etc..

 

[The Rover]

Just got email from epik and there they state: "You are in our prayers today. We are grateful for your support and prayer. When situations arise where individuals might not have honorable intentions, I pray for them. I believe that what the enemy intends for evil, God invariably transforms into good."

I'm not against prayers - but I'm against not telling customers that basically no adequate security measures are in place to protect their data and that "security" at Epik actually means "after all your private data got hacked we'll pray for you".

Any site can be hacked, even sites with maximum security. Suggesting that Epik had nothing in place to protect their customers is an absurd notion. If you want to be angry, be angry at the motivation behind the attack.

 

[Paul]

Any site can be hacked, even sites with maximum security.

Correct.

Suggesting that Epik had nothing in place to protect their customers is an absurd notion.

Well, there were definite lapses in their security--I would go so far as to say a concerning amount, but the only data I have is the data that an attacker was willing to release.

If you want to be angry, be angry at the motivation behind the attack.

We don't know the motivation, though. Preliminary evidence points to some combination of hacktivism, money, and/or amusement. All we have to go on for the first option is the attacker's word, which I'm not inclined to trust. There are discrepancies in the data that indicate money was a possible factor, and the close affiliation with 4chan means it could've simply been for amusement. None of the evidence favoring any of these options is sufficient to draw a solid conclusion; we'll need to wait until we have more info.

 

[DN Playbook]

@Alop https://slate.com/culture/2021/06/woke-critical-race-theory-definition-history-meaningless.html

 

[Abdillahi Abdillahi]

I have been unable to login into my account at all It tells me wrong username and password. Can everyone login?

 

[jmcc]

Notably, many of the passwords appear to have been replaced with placeholders that don't appear long enough to be hashes. I'm not certain this was the hacker's doing, but it's a sign they might have kept some of the data for themselves. If that's the case, I would assume that money is also a motive, if not the primary motive.

This might be restating the obvious but that unsalted MD5 hash claim about password storage was worrying. If the passwords were hashed and stored using unsalted MD5, it is game over. Having a "strong" password in that case will not save anyone's password because there are techniques that can be used to "break" the hashed passwords. Obviously, people should not use the same password on multiple sites and should immediately change passwords if they have not done so.

Regards...jmcc

 

[DrJacoby]

Folks, no need to be worried about your password and credit card information. Monster is praying.

 

[Jurgen Wolf]

The main issue is not that they were hacked, but with their worldwide image (it affects our sales definitely).

 

[dirk]

Update:

now, most of you will have seen our first official update sent via email today.

Quick supplemental update:

- Cyber forensic work is moving swiftly.

- Our engineers believe the hack is of an aged remote backup, not of Epik's core production.

- No customer domains have been impaired to our knowledge. More domains arrived today than left Epik.

- Our support team is doing an excellent job.

Cyber security is no joke. If this can be done to Epik, it can be done to anyone. As it was, we were already in the process of heavily investing in this arena. Lord-willing, we will once again emerge stronger from the experience.

On a personal note, I am thankful for the outpouring of support. May those of you who choose to stand with Epik all be greatly blessed, both in this life, and the one to come.

Regards,

Rob

 

[karmaco]

I have been unable to login into my account at all It tells me wrong username and password. Can everyone login?

Just logged in no problem. I have had 2 factor on all along though.

 

[Martins B.]

Update:

now, most of you will have seen our first official update sent via email today.

Quick supplemental update:

- Cyber forensic work is moving swiftly.

- Our engineers believe the hack is of an aged remote backup, not of Epik's core production.

- No customer domains have been impaired to our knowledge. More domains arrived today than left Epik.

- Our support team is doing an excellent job.

Cyber security is no joke. If this can be done to Epik, it can be done to anyone. As it was, we were already in the process of heavily investing in this arena. Lord-willing, we will once again emerge stronger from the experience.

On a personal note, I am thankful for the outpouring of support. May those of you who choose to stand with Epik all be greatly blessed, both in this life, and the one to come.

Regards,

Rob

Even if it's an older backup, it still has profile information, just not the up to date transfer information.

 

[The Rover]

Correct.



Well, there were definite lapses in their security--I would go so far as to say a concerning amount, but the only data I have is the data that an attacker was willing to release.



We don't know the motivation, though. Preliminary evidence points to some combination of hacktivism, money, and/or amusement. All we have to go on for the first option is the attacker's word, which I'm not inclined to trust. There are discrepancies in the data that indicate money was a possible factor, and the close affiliation with 4chan means it could've simply been for amusement. None of the evidence favoring any of these options is sufficient to draw a solid conclusion; we'll need to wait until we have more info.

We don't know the motivation? Are you joking? Please tell everyone you're joking. What part of their own words are you having trouble parsing?

Why must people continue this strange "head in the sand" charade when it comes to simply acknowledging the genuine threats that America (and other countries) actually have? The extreme left's tactics have always been to invert actual racism and fascism. They take it upon themselves to attack those who protect free speech. They literally continually invert the definition of nazism, and when actual fascist tactics are deployed (such as this hack), people then sheepishly make statements like "we don't actually know yet why they did it"....despite the hackers openly admitting why they did it. You don't even have to connect the dots in this case. I'm wagering that Sherlock Holmes can rest easy tonight.

All of this is truly an unbelievable sight to behold, really.

 

[Peak.Domains]

@The Rover is absolutely correct, as long as one is willing to believe everything that a hacker tells them. Is everything else in that "press release" true then, too?

 

[Martins B.]

@The Rover is absolutely correct, as long as one is willing to believe everything that a hacker tells them. Is everything else in that "press release" true then, too?

It seems it was somewhat politically motivated at least. I also seem to remember something about a russian host being hacked?

Even if done for the money, the target has been chosen based on their beliefs.

 

[The Rover]

@The Rover is absolutely correct, as long as one is willing to believe everything that a hacker tells them. Is everything else in that "press release" true then, too?

Oh, I'm sorry, did I actually state that "everything in the hacker's statement was true". No, I didn't. So why bother straw manning this? You'll only look foolish. Absurd claims that this isn't somehow a political attack is either gross naivety and/or simply bias driven. The delusion is worst than I thought.

 

[The Rover]

It seems it was somewhat politically motivated at least. I also seem to remember something about a russian host being hacked?

Even if done for the money, the target has been chosen based on their beliefs.

Yep! But apparently some folks here wish to avoid that point. Why? Because many truly loathe Rob and Epik.

 

[dirk]

Even if it's an older backup, it still has profile information, just not the up to date transfer information.

Agreed. It doesn't change much. Since they have been able to get access to a remote backup that probably means they have/had access to the core/live system. Not good when your remote backups are compromised.

 

[Peak.Domains]

@The Rover I think it's probably correct that this was based on the politics of epik, I just think it's interesting that the evidence you provided was "the hacker said it," I was surprised you would put so much stock in what the hacker says. I can go line by line if you're still confused.

 

[Jurgen Wolf]

Plug&Pray registrar...

 

[The Rover]

@The Rover I think it's probably correct that this was based on the politics of epik, I just think it's interesting that the evidence you provided was "the hacker said it," I was surprised you would put so much stock in what the hacker says. I can go line by line if you're still confused.

It's good to see that you're finally admitting that Epik was very likely attacked for their politics. Beyond that, I have no idea what point you think you're attempting to make, nor do I care. My one and only position this entire time, was that they were attacked because of their ideology. You're welcome to scroll up if you're still confused.