NameSilo

Epik May Have Had A Major Breach

Labeled as alert in Warnings and Alerts, started by Silentptnr, Sep 14, 2021 at 6:17 PM

Replies:
445
Views:
23,420

  1. topdom

    topdom Top Contributor VIP

    Posts:
    1,645
    Likes Received:
    1,378
    You can chat with Epik, and get an unofficial response. (Don't overdo it, I mean throw a dice and if it is not 1 (or what you had in mind, 1/6 chance), don't do anything.)
     
    Last edited: Sep 15, 2021 at 9:08 AM
    The views expressed on this page by users and staff are their own, not those of NamePros.
  2. Jurgen Wolf

    Jurgen Wolf Top Contributor VIP ★★★★★★★★★★

    Posts:
    11,712
    Likes Received:
    10,376
    @Rob Monster
    How are compatible this logo and integration of the idiotic Estibot (one more hole)?
     
    Last edited: Sep 15, 2021 at 9:07 AM
  3. Samer

    Samer Top Contributor VIP

    Posts:
    11,174
    Likes Received:
    21,748
    These people are as much “activists” as gorilla mask women that threw an egg at Larry Elder.

    Samer
     
    Last edited: Sep 15, 2021 at 9:20 AM
  4. Finest

    Finest Top Contributor VIP

    Posts:
    2,493
    Likes Received:
    1,959
    Epik's continuing silence is more concerning than the claims. It's fueling speculation.

    If the incident is a data theft breach, then systems remain intact. They will continue to work normally. In many similar cases, the victim first knows about the attack when the attacker exposes the stolen data or announces the attack (sounds familiar?)
     
    Last edited: Sep 15, 2021 at 9:16 AM
  5. Samer

    Samer Top Contributor VIP

    Posts:
    11,174
    Likes Received:
    21,748
    My people downloadin the data as we speak

    Still call bluff.

    P.S. No domains lost by epik. Still Zero! Nada

    Samer
     
    Last edited: Sep 15, 2021 at 9:18 AM
  6. equity78

    equity78 Top Member TheDomains Staff TLDInvestors.com PRO VIP ★★★★★★★★★★

    Posts:
    16,486
    Likes Received:
    24,452
    Who’s Financially Responsible for Cybersecurity Breaches?
    [​IMG] by Kayla Matthews on September 17, 2019
    As networks become less secure and the data stored on the cloud becomes more valuable, cybersecurity breaches are becoming both more expensive and more frequent. In the first six months of 2019 alone, data breaches compromised more than 4.1 billion records.

    Cybersecurity experts and IT workers can’t prevent every breach, but in some cases, it’s clear the appropriate steps weren’t taken to protect data. The cost of the breaches raises the question: Who should pay when a customer’s data gets stolen?

    What Does the Law Say?
    The current legal framework regarding data breaches isn’t particularly detailed. Beyond laws requiring disclosure of data breaches to affected customers, there are only a few laws governing who is responsible for a data breach.

    Under current law, the data owners—the firm or organization that is storing user data—are responsible for data breaches and will pay any fines or fees that are the result of legal action.

    The data holder—the organization that provides the cloud storage service—can’t usually be legally implicated or held responsible. If a data breach occurs, the data holder must notify the data owner, but not much else beyond that.

    A data owner’s level of liability depends on what safeguards it was taking to protect user data. Failing to control network access or not encrypting user data, for example, will make a data owner more liable for the damages caused by the breach. A data owner also can be held responsible for not informing affected customers soon after a breach occurs.

    Most international laws governing data privacy and breaches are similar: Both Japan’s APPI and the EU’s GDPR require companies to take measures to defend customer data and notify customers in the case of a breach.

    https://securityboulevard.com/2019/09/whos-financially-responsible-for-cybersecurity-breaches/
     
  7. TheBaldOne

    TheBaldOne Top Contributor VIP Gold Account ★★★★★★★★★★

    Posts:
    2,491
    Likes Received:
    1,573
    The 'silence' is indeed annoying, but if at the advice of law enforcement or security then should Epik ignore such advice? I personally think not.


    But we are not in a situation of Epik not knowing of this supposed attack are we. Well before now certain actions to protect the system would have been implemented - but no change has been identified by anyone.
     
  8. Finest

    Finest Top Contributor VIP

    Posts:
    2,493
    Likes Received:
    1,959
    No they shouldn't. But I doubt law enforcement would advise against a "we are aware of this goddamn thing and we are looking into it" kind of statement. The absolute silence is what provokes suspicions, I think.
     
  9. MadAboutDomains

    MadAboutDomains Top Contributor VIP ★★★★★★★★★★

    Posts:
    3,625
    Likes Received:
    2,234
    To be fair, some companies keep quiet about data breaches for years or never tell anyone. Pretty sure Facebook took ages to reveal the extent of theirs, but don't quote me on it. Not that that helps the situation...

    I just assume every website has been hacked, it wouldn't stop me using a company. I'd even say that those companies that have been affected by this kind've thing are probably going to be even more careful afterwards if there are issues.

    Put your phone number or email into https://haveibeenpwned.com/ and prepared to be horrified.
     
    Last edited: Sep 15, 2021 at 9:25 AM
  10. equity78

    equity78 Top Member TheDomains Staff TLDInvestors.com PRO VIP ★★★★★★★★★★

    Posts:
    16,486
    Likes Received:
    24,452
    I agree with you if it's at the advice of law enforcement, but Epik's legal counsel has to be coming back at them as well, to make clear, "Look if we continue to wait, we can be sued big time, possibly out of business, Epik is not Google or Apple.

    A data owner’s level of liability depends on what safeguards it was taking to protect user data. Failing to control network access or not encrypting user data, for example, will make a data owner more liable for the damages caused by the breach. A data owner also can be held responsible for not informing affected customers soon after a breach occurs.

    As someone else pointed out a good lawyer can show damages to each person with names on Epik landing page who believes a lack of trust has harmed his or her ability to make sales at Epik or as a result of Epik landing pages.

    This is getting very complicated. Because if that data was not encrypted?
     
  11. equity78

    equity78 Top Member TheDomains Staff TLDInvestors.com PRO VIP ★★★★★★★★★★

    Posts:
    16,486
    Likes Received:
    24,452
    Facebook, Inc. will pay a record-breaking $5 billion penalty, and submit to new restrictions and a modified corporate structure that will hold the company accountable for the decisions it makes about its users’ privacy, to settle Federal Trade Commission charges that the company violated a 2012 FTC order by deceiving users about their ability to control the privacy of their personal information.
     
  12. equity78

    equity78 Top Member TheDomains Staff TLDInvestors.com PRO VIP ★★★★★★★★★★

    Posts:
    16,486
    Likes Received:
    24,452
    The year 2019 has already seen organizations slammed with sizable fines and settlements for security incidents or misusing customers’ information. Ever since GDPR was launched, data regulators are getting more serious about companies that are not serious about consumer data protection.

    According to a report from IBM, the average cost of a data breach has increased to US$ 3.92 million, which is a 1.6 percent increase in costs in 2018 and a 12 percent rise over the last five years.

    Cyber-attacks, data thefts, weak security, mistakes, and cover-ups have cost these companies a huge fortune.


    https://cisomag.eccouncil.org/6-times-data-regulators-churned-out-high-penalties-in-2019/
     
  13. Jurgen Wolf

    Jurgen Wolf Top Contributor VIP ★★★★★★★★★★

    Posts:
    11,712
    Likes Received:
    10,376
    If fake attack - why slowness yesterday?
    I don't believe: that their platform is so weak in terms of load, where even own customers can affect it...
     
    Last edited: Sep 15, 2021 at 9:33 AM
  14. Samer

    Samer Top Contributor VIP

    Posts:
    11,174
    Likes Received:
    21,748
    Facebook made $100B profit.
     
  15. equity78

    equity78 Top Member TheDomains Staff TLDInvestors.com PRO VIP ★★★★★★★★★★

    Posts:
    16,486
    Likes Received:
    24,452
    Now Wikipedia updated it

    Alleged hack
    The hacktivist group Anonymous claimed in a September 13, 2021 press release that they had gained access to "a decade's worth of data" belonging to Epik that included domain registration and transfer details, passwords, all of Epik's customers' account credentials, logins, and payment history.[22] The Distributed Denial of Secrets (DDoSecrets) organization announced later that day that they were working to curate the allegedly leaked data for public download, and said that it consisted of "180 gigabytes of user, registration, forwarding and other information".[23]

    Epik's CEO wrote on Twitter that the alleged hack was a "non-story" and a "nothingburger",[22] and the company subsequently told Gizmodo they were "not aware of any breach".[23]

    https://en.wikipedia.org/wiki/Epik_(company)
     
  16. equity78

    equity78 Top Member TheDomains Staff TLDInvestors.com PRO VIP ★★★★★★★★★★

    Posts:
    16,486
    Likes Received:
    24,452
    Yeah that's fantastic we are talking about companies and their responsibilities and getting sued over data breaches. Epik did not make $100B
     
  17. Lox

    Lox _____ VIP

    Posts:
    3,706
    Likes Received:
    6,656
    They (persons behind the (supposedly) #ak are running a guerrilla type of campaign. Nothing yet about DB, still hanging in the air. Because there is something that it is like to be fake news ... I'm going to stay on the "E is not #aked" side for now.

    Another thing ... for about 10 min the Lolz did this .... archive.today

    epkahv.jpg

    fake (level 1 engineering)

    11111.jpg
     
    Last edited: Sep 15, 2021 at 9:36 AM
  18. Samer

    Samer Top Contributor VIP

    Posts:
    11,174
    Likes Received:
    21,748
    Wikipedia is having wet dreams on it —This company has the worst bias against em

    There is no oversight of epik’s page;
    it’s hijacked by activists…
     
    Last edited: Sep 15, 2021 at 9:37 AM
  19. equity78

    equity78 Top Member TheDomains Staff TLDInvestors.com PRO VIP ★★★★★★★★★★

    Posts:
    16,486
    Likes Received:
    24,452
  20. MadAboutDomains

    MadAboutDomains Top Contributor VIP ★★★★★★★★★★

    Posts:
    3,625
    Likes Received:
    2,234
    How did they manage to get archive.today to archive a page that didn't exist? Or did it exist?
     
  21. Jurgen Wolf

    Jurgen Wolf Top Contributor VIP ★★★★★★★★★★

    Posts:
    11,712
    Likes Received:
    10,376
    So nobody with Gigabit connection to download this torrent and to check it? Fake or real data...
     
  22. equity78

    equity78 Top Member TheDomains Staff TLDInvestors.com PRO VIP ★★★★★★★★★★

    Posts:
    16,486
    Likes Received:
    24,452
    Data Breach vs. Cyber Liability Insurance: Is there a Difference?


    If you’ve ever looked into protecting your business from cyberattacks, you have probably heard the terms data breach insurance and cyber liability insurance. Since they are often used interchangeably, many tend to confuse the two.

    Is there actually a difference? Yes. Simply put, cyber liability insurance covers monetary losses from a breach AND provides legal protection. Data breach insurance only protects your financial interest.

    Let’s take a deeper look at each type of coverage to get a clear understanding of the differences between the two. We’ll also discuss what you should consider when looking for protection against a cyberattack.

    https://www.dhia.com/blog/data-breach-vs-cyber-liability-insurance-is-there-a-difference/
     
  23. equity78

    equity78 Top Member TheDomains Staff TLDInvestors.com PRO VIP ★★★★★★★★★★

    Posts:
    16,486
    Likes Received:
    24,452
    I would really like to hear from who I think are the two of the top smartest people on these topics on this forum, @Paul @Michael
     
  24. equity78

    equity78 Top Member TheDomains Staff TLDInvestors.com PRO VIP ★★★★★★★★★★

    Posts:
    16,486
    Likes Received:
    24,452
    Maybe @Lox
     
  25. Lox

    Lox _____ VIP

    Posts:
    3,706
    Likes Received:
    6,656
    My CS team confirmed, - it is known that the Archive (is) is being used as a disinfo hub for .... years. The easiest way was/is to manipulate screenshot metadata (f.e. jpg/png source code) but also there's injecting the fw code (no further info) ...
     
    Last edited: Sep 15, 2021 at 9:51 AM

Want to reply or ask your own question?

It only takes a minute to sign up – and it's free!
Topics / Tags:
NameWorth
  1. NamePros uses cookies and similar technologies. By using this site, you are agreeing to our privacy policy, terms, and use of cookies.
    Dismiss Notice
Loading...