
Epik May Have Had A Major Breach

Labeled as alert in Warnings and Alerts, started by Silentptnr, Sep 14, 2021 at 6:17 PM

Replies:
446
Views:
23,529

  1. bmugford

    bmugford www.DataCube.com PRO VIP ICA Member ★★★★★★★★★★

    Posts:
    13,754
    Likes Received:
    25,635
    This is not the way to handle a potential crisis. The complete lack of updates in 10+ hours just creates a further crisis in confidence.

    Far be it from me to tell Epik how to run their business, but I don't think radio silence is a good look.

    Brad
     
  2. NickB

    NickB it's a mystery VIP

    Posts:
    5,465
    Likes Received:
    13,046
    Here in the UK a company would need to report it to the ICO within 72 hours and would need to inform their customers - not sure what they have to do in the U.S. - are they legally required to notify anybody, including customers?
     
  3. DN Playbook

    DN Playbook Established Member

    Posts:
    447
    Likes Received:
    526
    I don't think the report was speculative on DNW. Reads pretty balanced. Breaking stories are always in development.
     
  4. .X.

    .X. In God I Trust VIP ★★★★★★★★★★

    Posts:
    16,918
    Likes Received:
    21,165
    I am not convinced that an actual full hack has taken place ... I think we will hear something today from Epik ... I agree with @johnn 100% .. if you don't have to log in ... I wouldn't right now...
     
  5. NickB

    NickB it's a mystery VIP

    Posts:
    5,465
    Likes Received:
    13,046
    So everyone advising not to log into Epik - does this include all affiliated sites? For example Name Liquidate etc etc......
     
  6. equity78

    equity78 Top Member TheDomains Staff TLDInvestors.com PRO VIP ★★★★★★★★★★

    Posts:
    16,486
    Likes Received:
    24,452
  7. equity78

    equity78 Top Member TheDomains Staff TLDInvestors.com PRO VIP ★★★★★★★★★★

    Posts:
    16,486
    Likes Received:
    24,452
    I think you can log in, change passwords, some are doing transfers out.
     
    Last edited: Sep 15, 2021 at 6:07 AM
  8. bmugford

    bmugford www.DataCube.com PRO VIP ICA Member ★★★★★★★★★★

    Posts:
    13,754
    Likes Received:
    25,635
    If true, that is some extremely damaging information they have obtained.

    The file states the following -

    Account credentials for:

    All Epik customers, hosting, Anonymize VPN, and so on
    Epik internal systems, servers
    Epik's GoDaddy logins
    and more! IN PLAINTEXT! That's right, Epik barely hashed a damn thing!


    There is a lot more damaging stuff listed as well.

    Of course with no comment from Epik, people can only speculate what is going on.

    I hope it is straightened out as I would not wish a data breach on anyone.

    Brad
     
    Last edited: Sep 15, 2021 at 6:31 AM
  9. frostify

    frostify Top Contributor VIP

    Posts:
    1,813
    Likes Received:
    947
    I have no far-right political beliefs but I use Epik.com almost exclusively due to their low pricing, support, and just general features. This hack makes me really want to consider just jumping ship and finding another registrar. I read the entire ‘press release’ from Anonymous and this is really bad.

    Data (supposedly) includes:

    * All domain purchases
    * All domain transfers in/out
    * All whois history, unredacted
    * All DNS changes
    * All email forwards, catch-alls, etc
    * Payment history
    * Account credentials for:
      * all Epik customers, hosting, Anonymize VPN, and so on
      * Epik internal systems, servers
      * Epik's GoDaddy logins
      * ...and more! IN PLAINTEXT!

    * Git repositories for internal applications!
    * SSH keys!
    * /home/ and /root/ directories of one of their core systems!

    Read the full release here from the hacker group known as ‘Anonymous’.

    Just for the record I do not support or condone the hack in any way, especially given I’ve been a loyal Epik customer.

    I’m extremely concerned if it’s true that lots of data was not properly encrypted and rather stored in plain text as this would just be pure negligence on behalf of Epik but I reserve judgement until we have more information and know all the facts. As it stands it is still extremely concerning. Would love to hear what Rob Monster has to say about this.

    Like I said, I am reserving judgement until we have more information and word from Epik/Rob about how far reaching the hack was. We should give them a chance to give their side of the story. If that info was really unencrypted and stored in plain text though….

    I think it goes without saying that everyone with an Epik account should IMMEDIATELY change their password and set up 2-factor authentication if you haven’t already.
     
    Last edited: Sep 15, 2021 at 7:45 AM
  10. equity78

    equity78 Top Member TheDomains Staff TLDInvestors.com PRO VIP ★★★★★★★★★★

    Posts:
    16,486
    Likes Received:
    24,452
    That's what surprised me, Brad.

    I can say I had 20 .coms that I was moving before this, did them tonight, everything went fast and smooth, so Epik did not hold anything up or any hiccups.
     
  11. henrypcyeung

    henrypcyeung Established Member

    Posts:
    530
    Likes Received:
    1,325
    The longer Epik keeps silent, the higher the chance they are hacked...
     
  12. bmugford

    bmugford www.DataCube.com PRO VIP ICA Member ★★★★★★★★★★

    Posts:
    13,754
    Likes Received:
    25,635
    I mean it is clear at this point something has happened. The depth of it, who knows.
    Otherwise, they would have just come right out and denied it almost immediately.

    It is not like many Epik staff members have not read this post.

    Brad
     
  13. topdom

    topdom Top Contributor VIP

    Posts:
    1,645
    Likes Received:
    1,378
    We were expecting something like an internet shutdown in the next stage of this war (between deepstate and humanity). Looks like this is a baby version of it. Clearly this hacker is on deepstate/or/democratparty side (I don't mean the Republican party is on humanity's side) or pretends to be. Or this might be a distraction if the attack is coming from inside. Epik is not far right. Epik is a secular Christian company. Q, ivermectin, are great.
    Whoever bans ivermectin is killing people with wrong drugs and injections. If there were no Q, we would all become slaves, or victims of a nuclear war.
     
    Last edited: Sep 15, 2021 at 6:49 AM
  14. bmugford

    bmugford www.DataCube.com PRO VIP ICA Member ★★★★★★★★★★

    Posts:
    13,754
    Likes Received:
    25,635
    I just found this tweet. This was just reported as news yesterday, but the tweet is from (2) days ago.

     
    Last edited: Sep 15, 2021 at 6:51 AM
  15. .X.

    .X. In God I Trust VIP ★★★★★★★★★★

    Posts:
    16,918
    Likes Received:
    21,165
    I wouldn't log in to affiliated sites ... we don't know the logistics structure or database connections .... better safe than sorry IMO
     
  16. .X.

    .X. In God I Trust VIP ★★★★★★★★★★

    Posts:
    16,918
    Likes Received:
    21,165
    I have 1 domain at Epik .. a domain I bought from RJ .... I have no idea what a "Key" is at Epik?
     
    Last edited: Sep 15, 2021 at 7:02 AM
  17. eternaldomains

    eternaldomains Established Member

    Posts:
    441
    Likes Received:
    229
    Now I know why I didn't feel like updating my expired card on Epik for so long since last 2 months and was having an extra tough time trying to sleep last night.

    I see some say change pw, others say don't log in at all. IMO if the hack is actually still ongoing, you should change the pw every day until 7-30 days after someone from Epik starts saying something about this.

    The biggest irony here is that Epik was chastising DAN for potential security issues back then and yet now it's Epik getting hacked instead. All because Epik, just like DAN, is on the road towards focusing too much on excessively unnecessary innovations instead of efficiency & security, and it's made worse with more stupid political $#!+ statements. Unfortunately, with political statements in the mix, we'll never know if the hacker is actually doing this just because of such political statements, because as I see it the timing is too suspicious as it happened right after Epik became the 1 and only registrar who didn't budge on domainer .com renewals. It could very well be Veri//sign attacking Epik for not indirectly complying with their anti-poor-domainer policies while making it look like a political thing.

    So I'm just going to repeat this to everyone: to keep changing your Epik pw on a daily/per few days basis, which is what I'm going to do. And monitor your email for any Masterbucks withdrawals. Maybe even ask support for a timed lock down on your Masterbucks as well if there's any funds there.
     
  18. eternaldomains

    eternaldomains Established Member

    Posts:
    441
    Likes Received:
    229
    A suggestion for @Rob Monster, please add a function to allow users to block logins based on whitelisting country-based IP addresses. Some people might be nomads or with dynamic IPs (e.g. my connection). We certainly don't need account access from countries we'll never access from.
     
  19. equity78

    equity78 Top Member TheDomains Staff TLDInvestors.com PRO VIP ★★★★★★★★★★

    Posts:
    16,486
    Likes Received:
    24,452
    I believe you can whitelist through the federated identity. I saw that today when I was changing password.
     
  20. Jurgen Wolf

    Jurgen Wolf Top Contributor VIP ★★★★★★★★★★

    Posts:
    11,712
    Likes Received:
    10,376
    DNSSEC.
    Read previous pages.
     
  21. eternaldomains

    eternaldomains Established Member

    Posts:
    441
    Likes Received:
    229
    Where is this? I only see the following:

    Personal Info
    Account Verification (ID)
    Account Security
    > Signing in
    >> pw
    >> 2FA
    > Device Activity
    Applications

    Am I missing something? I don't see any whitelisting options at all.
     
  22. Jurgen Wolf

    Jurgen Wolf Top Contributor VIP ★★★★★★★★★★

    Posts:
    11,712
    Likes Received:
    10,376
  23. Jurgen Wolf

    Jurgen Wolf Top Contributor VIP ★★★★★★★★★★

    Posts:
    11,712
    Likes Received:
    10,376
  24. equity78

    equity78 Top Member TheDomains Staff TLDInvestors.com PRO VIP ★★★★★★★★★★

    Posts:
    16,486
    Likes Received:
    24,452
  25. Jurgen Wolf

    Jurgen Wolf Top Contributor VIP ★★★★★★★★★★

    Posts:
    11,712
    Likes Received:
    10,376
    You can't whitelist your country there, you need to know all your IP ranges in this case.
     
    Last edited: Sep 15, 2021 at 8:20 AM
