alert Epik Had A Major Breach

[Silentptnr]

Just read this. Looks like Epik may have been hacked and sensitive data compromised...

Read here:
https://domainnamewire.com/2021/09/14/hackers-claim-significant-epik-breach/

Thought I would share this.

 

[Lox]

For Epik - do not use Wordpress and a theme from themeforest, choose something more secure.

btw.

RU hosting provider, was hacked by hacktivists on September 12
The entire IT infrastructure of MskHost was hacked, the user servers and data were accessed, and most of the servers were permanently deleted.
link > copy - paste
bezpeka .com/en/hacktivists-took-down-a-russian-hosting-provider-who-was-said-to-have-hosted-cybercriminals/

 

[Jurgen Wolf]

there is nothing on the site that simply says close/delete account.

Imagine: this button exists during such leak (when somebody knows your credentials) and no 2FA.

 

[Jurgen Wolf]

WordPress and security are incompatible words.

 

[cabotower]

You can edit your account and change all the information to my wife/your wife or someone who you really LOVE.

i have no names there and have not done business with them since they parted ways with paypal. very odd that there is no way i could find to simply delete an account.

 

[.X.]

sucks.. still got a bunch of domains there.. been too busy to move them.. now i suffer like the other lazy people.. we're punished by Rob's god... you know gods never help the little people

was it necessary to attack God in your post ??? Some people here have no respect for others and must gaslight looking for a reaction .. you are one of “Them”

 

[VadimK]

What incredible timing, I was just about to move my landers to Epik and try them out.

On a side note, there appears to be a torrent file going around with all the information that was obtained in the breach.

It's actually would be a good time to move your landers to Epik, as you may be sure that another DDOS attack won't be happening tomorrow. And you are not on that torrent list neither. Only pluses for you.

 

[TheBuyerz]

I have a bunch of money on Epik, as well as transferred most of my domains there recently ! Hope they will be safe @Rob Monster

Even Binance and many big companies like Linkedin, Yahoo and other big players got hacked ... but that doesn't matter, you can update your system, detect the breach and secure it ... the thing that matters is how you will manage this issue and especially for your clients and how they can be SAFU even when thing like this happens.

 

[Mr. Deleted]

At Epik, we take security and the privacy of your information very seriously. Therefore as a precautionary measure, I am writing to inform you of an alleged security incident involving Epik.

Our internal team, working with external experts, have been working diligently to address the situation. We are taking proactive steps to resolve the issue. We will update you on our progress. In the meantime please let us know if you detect any unusual account activity. I am proud of our team’s efforts as we do our part to empower a thriving internet for the benefit of our customers around the world.

You are in our prayers today. We are grateful for your support and prayer. When situations arise where individuals might not have honorable intentions, I pray for them. I believe that what the enemy intends for evil, God invariably transforms into good.

Blessings to you all.

Regards,

Rob Monster
Founder and CEO
Epik Holdings Inc

 

[Ostrados]

The password I use at Epik I dont use anywhere else. And my stored credit card luckily expired last month

My only concern right now is that in near future I may start receiving regular spam emails at my Epik email address which is very annoying btw.

Regarding unsalted md5 it is really surprising especially for a registrar!! We are not talking about a forum website we are talking here about a registrar with multi million domains. However if you use a strong password it doesn't matter your password will almost never be cracked, but if you use a weak password (especially common passwords) then you need to be worried and if you use this password in other places then you must change it immediately everywhere.

 

[mr-x]

WordPress and security are incompatible words.

Not so much wordpress but the plugins and themes are shite.

 

[fatter]

just switched my landing page to epik.com this is on landing page

Attackers might be trying to steal your information from healthvouchers.com (for example, passwords, messages, or credit cards).

NET::ERR_CERT_DATE_INVALID

 

[The Rover]

sounds like Tall poppy syndrome to me

Cheers
Corey

It's an obvious attack on freedom of speech under the guise of attacking "fascism". This is no different than antifa attacking or harassing innocent people. This attack should terrify everyone. It's all fun and games for many people who are criticizing Epik until their own ideology is threatened. Ideally, politics has zero basis in business, but that isn't human nature.

I have nothing against Rob but the big mistake that he made was mixing between business and politic.

Remind me how GoDaddy isn't political? Remind me how other corporations, including GoDaddy, are not subjecting thier customers to divisionist race baiting tactics in their daily mailouts and on every other social media post? Virtually everything is political in today's times. Rob's vocal support for freedom of speech is a direct response to the ones who don't wish for it to exist. That's a distinct difference between attempting to coerece people into an ideology by force.

This attack might be coming from inside, or it may be deeper than what most people think.

Indeed. This is a strategy to have the majority of the population left with few options but to use companies who only support woke, leftist ideology. This is pure coercion and manipulation. If the fix is in (and it seems to be) we can expect to see more and more leftist groups routinely attacking right leaning groups who for the most part, simply want to be left alone. Sadly, customers will tolerate leftist propaganda endlessly, as long as they're told that their "domains" and bank accounts are "safe".

If that turns out to be true, I'll never use Epik again.

And that was precisely the intention of the hackers.

This should be changed definitely.
It sounds like a provocation, for hackers as well.

Anything can be hacked. Unfortunately, if you happen to be vocal about civil liberties and openly stand for free speech, you're a prime target these days. It's the motivation for the attack is what people should be outraged about. But I digress. People will get the society that they truly deserve. You can't say we haven't had countless red flags regarding the direction all of this is heading towards.

 

[mr-x]

just switched my landing page to epik.com this is on landing page

Attackers might be trying to steal your information from healthvouchers.com (for example, passwords, messages, or credit cards).

NET::ERR_CERT_DATE_INVALID

Security certificate expired 197 days ago. What a headache. God bless @Rob Monster

 

[Jurgen Wolf]

Wait until new cert will be autogenerated...

 

[kam]

just switched my landing page to epik.com this is on landing page

Attackers might be trying to steal your information from healthvouchers.com (for example, passwords, messages, or credit cards).

NET::ERR_CERT_DATE_INVALID

You normally have to wait a few hours to a few days before they generated a let's encrypt cert for your domain.

 

[mr-x]

Probably would have been better without the last paragraph - God, prayer, evil, enemies. That is not usually the type of wording you see about a hack.

All people care about is what happened.

At Epik, we take security and the privacy of your information very seriously. Therefore as a precautionary measure, I am writing to inform you of an alleged security incident involving Epik.

Our internal team, working with external experts, have been working diligently to address the situation. We are taking proactive steps to resolve the issue. We will update you on our progress. In the meantime please let us know if you detect any unusual account activity. I am proud of our team’s efforts as we do our part to empower a thriving internet for the benefit of our customers around the world.

You are in our prayers today. We are grateful for your support and prayer. When situations arise where individuals might not have honorable intentions, I pray for them. I believe that what the enemy intends for evil, God invariably transforms into good.

Blessings to you all.

Regards,

Rob Monster
Founder and CEO
Epik Holdings Inc

Personal letter from Rob. You don't stop being a Christian when you go to work, I appreciate he doesn't shy away from expressing his faith.

 

[mr-x]

It seems like a cult with always prayers and god in every post/email

No-one is controlling Rob; he acts on his conscience. Better to be who you are 100% of the time.

 

[rh2000]

Seems to be working ok for me.

 

[korganian]

IMHO this is the time to support Epik and Rob. Not fly off the handle and post endless negative comments and abandon Epik. The reason that I say that is because Rob has donated more of his time and money to help all domainers than anyone else, as far as I am aware. I have never heard Rob discriminate against or have ill will towards anyone else because they have a different political view or religion than he has, but those same people turn around and condemn Rob just for saying he will pray for them!!! Rob's comments like "Blessings to you all" and "creating abundance for all" show he is the exact opposite of the lies the left are using to smear him and Epik all over the internet. Just please use you own brain to see though the propaganda being used to discredit an honest person who is actively trying to make the world a better place and has the courage to oppose the tyrants who are a serious threat to the liberty of each and every one of us.

 

[frank-germany]

nothing to be worried:
( just now )

 

[Samer]

Update: This was in my aol junkmail
(i hate AOL email… why do i keep using it…)

 

[CJ6]

I hope Epik is able to fix any issues that comes up from this. Good luck, Epik!
For those wondering, yes, I'm keeping my domains there. They are, by far, my favorite registrar.

I just wish I could get more sales through them.

 

[Future Sensors]

I think we've seen Rob's email 4 times now in this thread. No need for more

 

[Lox]

Sep 15, 2021 - E video production continue without interruption.

 

[Zorg]

https://twitter.com/x/status/1438235701875822608