NameSilo

Epik May Have Had A Major Breach

Labeled as alert in Warnings and Alerts, started by Silentptnr, Sep 14, 2021 at 6:17 PM

Replies:
444
Views:
23,407

  1. frostify

    frostify Top Contributor VIP

    Posts:
    1,813
    Likes Received:
    947
    I think it’s been a long enough period of silence from Rob/Epik that I’m going to begin the process of moving out domains to another registrar.

    At the very least they could have put a banner or blog post up saying “we’re investigating, here’s what customers should do in the meantime…” but they haven’t.
     
    The views expressed on this page by users and staff are their own, not those of NamePros.
  2. Lox

    Lox _____ VIP

    Posts:
    3,706
    Likes Received:
    6,656
    The @ AnonOpsSE posted (@ AnonOps didn't )

    twitter .com /AnonOpsSE/status/1438100775968837636

    ann.jpg
     
  3. DN Playbook

    DN Playbook Established Member

    Posts:
    447
    Likes Received:
    526
    This thread is exploding. I still have a few pages to catch up on. Here are brief thoughts.

    Hackers come in many different colors. Most are determined to steal data and sell it on the dark web. Identity theft, bribes, ransomware, and other scams. This one sounds like it was motivated by Rob's position on free speech, hate speech to be precise. This is well documented on NP, Wikipedia, and many other sites, including journalist articles. I don't know what he was thinking. Maybe a way to differentiate his company.

    This is very true. The bigger the company gets the more likely it will become a target. But what is most important is what is the company's response.
     
  4. bmugford

    bmugford www.DataCube.com PRO VIP ICA Member ★★★★★★★★★★

    Posts:
    13,754
    Likes Received:
    25,631
    Probably would have been better without the last paragraph - God, prayer, evil, enemies. That is not usually the type of wording you see about a hack.

    All people care about is what happened.

    At Epik, we take security and the privacy of your information very seriously. Therefore as a precautionary measure, I am writing to inform you of an alleged security incident involving Epik.

    Our internal team, working with external experts, have been working diligently to address the situation. We are taking proactive steps to resolve the issue. We will update you on our progress. In the meantime please let us know if you detect any unusual account activity. I am proud of our team’s efforts as we do our part to empower a thriving internet for the benefit of our customers around the world.

    You are in our prayers today. We are grateful for your support and prayer. When situations arise where individuals might not have honorable intentions, I pray for them. I believe that what the enemy intends for evil, God invariably transforms into good.

    Blessings to you all.

    Regards,

    Rob Monster
    Founder and CEO
    Epik Holdings Inc
    [​IMG]
     
    Last edited: Sep 15, 2021 at 6:15 PM
  5. Mahogany

    Mahogany Top Contributor VIP ★★★★★★★★★★

    Posts:
    2,650
    Likes Received:
    1,089
    ^^ I haven't received that email yet.
     
  6. .X.

    .X. In God I Trust VIP ★★★★★★★★★★

    Posts:
    16,918
    Likes Received:
    21,165
    my initial response was if they wanted a full beat down .. why didn’t they capture .. lock and ransom … this just my opinion but I feel the attack was an American or Americans
     
    Last edited: Sep 15, 2021 at 6:16 PM
  7. johnn

    johnn WeSellName.com PRO VIP ★★★★★★★★★★

    Posts:
    17,608
    Likes Received:
    7,742
    All you need to do is log in and change the profile to your wife and let her deal with it.
    This is too much for a man.
     
  8. frostify

    frostify Top Contributor VIP

    Posts:
    1,813
    Likes Received:
    947
    I'd encourage everyone to do the following:
    • Change your password on Epik
    • If you use the same password across multiple sites, change all of them to be unique (try a password manager program like BitWarden, LastPass, 1Password).
    • Setup 2-factor authentication on Epik
    • Setup 2-factor authentication on the email associated with your Epik account
    • Stop using the Anonymize VPN service until we have more information from Rob/Epik regarding the extent of this alleged hack.
    • Be extra careful opening emails that claim to be from Epik as they may or may not be phishing attempts by bad actors, especially now that Epik customers may become bigger targets. Check the sender, look for misspellings, report suspicious emails or ask Epik livechat to confirm if they're real if you're unsure. Be mindful when clicking on links and double check the domain in the address bar before typing in sensitive info like logins.
    • Make sure your security questions are setup properly and cannot easy be guessed or found out.
    • Make sure your computer has the latest software updates and run a virus/malware scan to make sure your device is safe. (Malwarebytes, Avast, Windows Defender, etc. whatever program you prefer)
    I recommend the free 'Google Authenticator' app on iOS/Android for 2FA.
    Optional: use a VPN from ProtonVPN (free option), NordVPN, ExpressVPN, PrivateInternetAccess.

    While we still don't have the full details regarding the hack, it's not a bad idea to take a proactive approach and start 'locking down' your accounts now. Still waiting on an official response from Epik. As of right now this is still very much an 'alleged' hack but it certainly doesn't look good.

    Remember that if one password is compromised, hackers will likely try that same username/email/password across many different sites and services to see how many locks that key can open which is why it's important to use different passwords. Domain hijackers will almost certainly be trying Epik passwords across various different domain registrars.
     
    Last edited: Sep 15, 2021 at 6:37 PM
  9. Paul

    Paul CTO, NamePros CTO VIP Gold Account

    Posts:
    2,057
    Likes Received:
    3,494
    Since we're continuing to see political arguments in this thread, let's get one thing straight: Anonymous is a movement that favors chaos. It's a loose collection of people who believe they have transcended morals, religion, and politics, and they do not care what ideological stance they take as long as it makes people angry. They'll say whatever they need to say to justify it as hacktivism.

    These are not people for whom ideology is a motive; rather, it's a tool. Their mentality is that the universe is nothing but a game and their purpose is to ruin the fun for everybody. They will take whatever ideological stance opposes their target. And they'll relentlessly harass anyone who gets in the way or points out that the only real goal is chaos.

    Controversial targets are easy targets: the victims point fingers while the hackers wallow in the chaos.

    Don't fall for it.
     
    Last edited: Sep 15, 2021 at 6:45 PM
  10. Jurgen Wolf

    Jurgen Wolf Top Contributor VIP ★★★★★★★★★★

    Posts:
    11,712
    Likes Received:
    10,376
    I don't see politics.
    Mainly religious fanaticism or discrimination.
    Use proper definitions.
     
  11. tonyk2000

    tonyk2000 Top Contributor VIP ★★★★★★★★★★

    Posts:
    2,340
    Likes Received:
    4,001
    Yeah. If you "verified" your Epik account by uploading (real) ID - then you might really want to change your profile to your wife or another trusted person WITH OTHER REGISTRARS. Worst case scenario: hackers know your real name, have your ID and the list of domains you transferred out from Epik to "registrar X". The said "registrar X" may now receive a password reset request from somebody claiming to be yourself, who simply forgot everything (email, login, password) but faxed to them your real ID... and who knows what else (cc details, bank account number if you used masterbucks to withdraw..)
     
    Last edited: Sep 15, 2021 at 6:44 PM
  12. Paul

    Paul CTO, NamePros CTO VIP Gold Account

    Posts:
    2,057
    Likes Received:
    3,494
    Edited.
     
  13. cabotower

    cabotower Top Contributor VIP

    Posts:
    2,247
    Likes Received:
    2,491
    anybody else getting this when you try epik... Screenshot 2021-09-15 at 4.20.33 PM.png
     
    Last edited: Sep 15, 2021 at 6:52 PM
  14. E-Promote

    E-Promote Top Contributor VIP ★★★★★★★★★★

    Posts:
    1,094
    Likes Received:
    1,121
    The call is coming from inside the house...it's your father and he's been drinking :)
     
  15. kam

    kam Top Member PRO VIP ★★★★★★★★★★

    Posts:
    1,414
    Likes Received:
    844
    I have no idea if it will as bad as you claimed.
    Anyway, many of us still waiting for someone who had download the torrent to talk about what kinds of sensitive information have been massively leaked.
     
    Last edited: Sep 15, 2021 at 6:59 PM
  16. frostify

    frostify Top Contributor VIP

    Posts:
    1,813
    Likes Received:
    947
    I am not having this issue, I am able to access the Epik homepage without any problems.
     
    Last edited: Sep 15, 2021 at 7:00 PM
  17. tonyk2000

    tonyk2000 Top Contributor VIP ★★★★★★★★★★

    Posts:
    2,340
    Likes Received:
    4,001
    /me too. But, prevention is better than cure. Epik still has, and, therefore, had account verification link inside - with an opportunity to upload ids etc. in all relevant times.
     
  18. Corey

    Corey GDBR. com VIP ★★★★★★★★★★

    Posts:
    14,977
    Likes Received:
    18,530
    No problem here in Australia, site is loading, havn't logged it, no need to at this point.

    Cheers
    Corey
     
  19. Silentptnr

    Silentptnr David George VIP

    Posts:
    16,678
    Likes Received:
    48,107
    Just hit my email.....

    At Epik, we take security and the privacy of your information very seriously. Therefore as a precautionary measure, I am writing to inform you of an alleged security incident involving Epik.

    Our internal team, working with external experts, have been working diligently to address the situation. We are taking proactive steps to resolve the issue. We will update you on our progress. In the meantime please let us know if you detect any unusual account activity. I am proud of our team’s efforts as we do our part to empower a thriving internet for the benefit of our customers around the world.

    You are in our prayers today. We are grateful for your support and prayer. When situations arise where individuals might not have honorable intentions, I pray for them. I believe that what the enemy intends for evil, God invariably transforms into good.

    Blessings to you all.

    Regards,

    Rob Monster
    Founder and CEO
    Epik Holdings Inc [​IMG]
     
  20. cabotower

    cabotower Top Contributor VIP

    Posts:
    2,247
    Likes Received:
    2,491
    thx, it worked for me. i got through when i googled the name. i got the error when i tried to enter through my bookmarked epik link.
     
  21. xeroox

    xeroox Established Member

    Posts:
    582
    Likes Received:
    845
    It seems like a cult with always prayers and god in every post/email
     
  22. sharfab

    sharfab Established Member

    Posts:
    655
    Likes Received:
    1,678
    Epik sent me an email about an alleged security incident they are investigating...
     
  23. VadimK Iberica

    VadimK Iberica Established Member

    Posts:
    687
    Likes Received:
    1,162
    Without the last paragraph I'd be suspicious that this statement really comes from Epik...But now you can be sure it's Rob Monster.
     
    Last edited: Sep 15, 2021 at 7:29 PM
  24. Jurgen Wolf

    Jurgen Wolf Top Contributor VIP ★★★★★★★★★★

    Posts:
    11,712
    Likes Received:
    10,376
    Today a few times higher activity among domainers than yesterday - and no troubles, no slow response.
    Definitely all issues yesterday are linked with mentioned attack. I have no doubts.
     
    Last edited: Sep 15, 2021 at 8:03 PM
  25. domaindevil

    domaindevil Established Member ★★★★★★★★★★

    Posts:
    34
    Likes Received:
    22
    I am out of there...
     

Want to reply or ask your own question?

It only takes a minute to sign up – and it's free!
Topics / Tags:
NameWorth
  1. NamePros uses cookies and similar technologies. By using this site, you are agreeing to our privacy policy, terms, and use of cookies.
    Dismiss Notice
Loading...