Epik Had A Major Breach


DaveX

The views expressed on this page by users and staff are their own, not those of NamePros.
what should Epik customers do now?

Customers should continue to communicate their urgent concerns to the company and ask for more concrete information about what happened.
 
6
•••
I have some domains with Epik and before the breach I was planning to transfer to Epik some others from time to time. I use different registrars according to convenience.

Now, more than before, I will renew with them my domains and proceed in the future to move other domains to Epik.

The reason is that any Company is on the list for the next breach and, as a consequence of what happened, it is very unlikely that Epik will be again the next on this list.

They have received their vaccine dose. Now they're suffering from side effects, but for a long time they will be immunized.
 
6
•••
The reason is that any Company is on the list for the next breach and, as a consequence of what happened, it is very unlikely that Epik will be again the next on this list.

They have received their vaccine dose. Now they're suffering from side effects, but for a long time they will be immunized.

Because they suffered a massive data breach, they are more unlikely to suffer another data breach?

That is kind of odd logic in my view.

Brad
 
8
•••
Brad, I make mistakes every single day, but I try not to repeat them. I like to change.
 
3
•••
.
Manipulation of archive.today is unlikely.

Here’s the same page on the Wayback Machine:

I’m not going to ask CST how and what. They have been doing a lot more important things, here is the link for me to read so when you have a chance/time …. interesting info.

rewritinghistory.cs.washington.edu

franziroesner.com/pdf/Lerner-RewritingHistory-CCS2017.pdf

Regards
 
3
•••
The 'hack' either occurred prior to March (6 months ago) or it was a recent 'hack' of data that was stored at a supplier/2nd site. Either way, any 'damage' that would have happened including stolen names would have and/or should have happened well before now.

Codes have been changed, more than once, and if your names do not stay locked always (regardless of who your registrar might be) you probably should not be dabbling in the art of domain investing.

Until/unless someone can legitimately report he/she has had a name stolen I'm not going to worry too much.

Back to the first paragraph, if the data was hacked 6 months ago, why did the hackers wait so long to make a production about it? Were they trying to extort Epik in the meantime or did they just manage to get access to off core storage in the last several days?

(sorry if any of this has been addressed in recent posts...for some reason my last read response did not hold and I was taken back to the first post)
 
2
•••
They didn't wait, this week they got backup of Epik DB.

Tons of Adult domains/websites were under Moniker...
Or another toxic registrar.
 
2
•••
Private keys of what? Epik doesn't store crypto keys

Private keys have been an essential component of cryptography since long before cryptocurrency came about. They're used for everything from authenticating with core infrastructure to securing VPNs to SSL/TLS certificates.


If present (I haven't checked), that's probably the least concerning type of private key in the leak. It appears to contain private keys for SSH authentication as well as for SSL/TLS certificates.

Theoretically, if the SSH private keys are valid and protected with weak passwords (or no passwords), the attacker could've moved laterally within Epik's infrastructure: they probably would've been able to get into live systems using data from the backup. However, if they did manage to do so, they haven't shown their hand yet.

Not much has come from Epik, and the few statements certainly do not seem to acknowledge the seriousness of the situation IMO.

If the attacker has withheld data or is still in Epik's infrastructure, I'm concerned that Epik downplaying the seriousness may lead to further damage. Self-proclaimed hacktivists often seem to go that route.

The reason is that any Company is on the list for the next breach and, as a consequence of what happened, it is very unlikely that Epik will be again the next on this list.

They have received their vaccine dose. Now they're suffering from side effects, but for a long time they will be immunized.

I like your optimism! I have no doubt Epik will do their best to learn from this, but it may take time for them to recover. At the moment, we're stuck in a period of uncertainty: we don't know the extent of the damage, and it's likely that Epik doesn't know yet, either. That's important to consider when doing your risk assessment and determining the best course of action.

I would also like to see other registrars learn from this, but that may be asking too much.

Human beings, who are almost unique in having the ability to learn from the experience of others, are also remarkable for their apparent disinclination to do so.
― Douglas Adams
 
8
•••
Stay on topic.
 
9
•••
I recommend to spend your energy and time on your domains.
Until is not too late.
 
5
•••
This story has started to gain even more traction on popular websites like -

https://www.motherjones.com/politics/2021/09/epik-hack-anonymous-gab-parler/

https://arstechnica.com/information...of-data-from-epik-web-host-of-gab-and-parler/

https://www.dailydot.com/debug/epik-hack-far-right-sites-anonymous/

https://www.techtimes.com/articles/265416/20210915/anonymous-hackers-leak-epiks-database—experts-confirm-gigabytes-data-obtained-8chan.htm

https://gizmodo.com/anonymous-claims-to-have-stolen-huge-trove-of-data-from-1847673935

Not much has come from Epik, and the few statements certainly do not seem to acknowledge the seriousness of the situation IMO.

Lots of deflection about politics from Epik connected parties. No one cares.

Epik is responsible for protecting their customers' data. Any excuse outside just taking responsibility is deflection.

The customers want to know -

What actually happened?
How did it happen?
What data have the hackers taken?
What do they need to do?
What is going to stop it from happening again?

The ball is in Epik's court to answer those questions.

Brad

All of that is true but Epik, like Moniker, Verizon, etc is a victim as are their customers. This got political because the hack was politically motivated.

Don't expect a lot of news from Epik until they have control of their own system. Anything they say now will be spun into a negative story.
 
7
•••
nearly? how does nearly stolen count for anything?

It doesn't. The author is an anarchist, to him, lying is like breathing.
 
6
•••
This got political because the hack was politically motivated.

You're probably right. Seen some stuff posted showing the database search history and going from that it does look like they were going after some specific targets.

You can't trust any source right now though.
 
3
•••
I was asking Paul about my login logs, and it seems that there's no real attempts on actual hacking of my account so far, likely because of me having a "lousy" handregging portfolio deemed too uninteresting to any hacker :roll: Either that, or the registrar/s involved isn't/aren't frequently used by members here.

And apparently I found out there's a new inactive member whose username is similar to mine.

But that also means I'll never be able to help pinpoint/exclude any hacked registrar. Chances are, the only ones qualified to contribute on finding out any unknowingly hacked registrars are members who have much more premium names and with different usernames/emails used on different registrars.

Anyway thanks for helping out @Paul !
 
4
•••
Just saw this tweet from 2019.

Just be really careful folks. For some reason every 2 pages people keep coming on here to tell you to move your domains INTO epik at this time, which would be a huge mistake.

Not sure what their agenda is but it sure isn't your safety.

 
7
•••
When you deal with toxic registrar - your personal data and assets are always at risk.
It also affects your sales.
This is what I learned from Moniker and Epik.
 
3
•••