Namers

What to do after the epik hack / PLEASE DO THIS

Will you be changing your email address at registrars?

  • Yes: 9 votes (50.0%)
  • No: 9 votes (50.0%)
  • This poll is still running and the standings may change.

Windoms

Top Contributor
Impact
1,872
This is very serious, please don't take this lightly.
This is no debate about the hack, please stay on topic.

So as you know there's been a data breach at epik.
Names, addresses, phone numbers, email addresses, usernames, credit card info and who knows what has been leaked.

I advise each and everyone to do the following.
Change your passwords, but also your email addresses at ALL your registrars which are using the same email address.

As you know there's bad people around.
Us domainers hold assets at registrars. It's literally like accounts holding money or crypto. Please don't take this lightly, people love money, we are a real, viable target.
With your personal info, scammers could try to contact registrars' customer service in order to reset your email/passwords through many ways.

One of them is this one, brought to our attention by @Lox

This is literally a form from a registrar, that allows you to change the email address that you have on file.
People could literally make fake IDs and attach them to this form to be able to change your email address.
It is said on this form that you will be contacted on both new and old email. If you miss it, if it goes to spam, if you receive it while you're away and the scammer has time to validate it, you're screwed.

[Image attachment: change email.webp]

Who knows what scammers are able to do, they could call customer service saying I lost my device which had my email and password managers saved on it, I don't remember anything, please help me, this is my personal info + last credit card digits I have to prove my identity + whatever blah blah blah they can craft.
Have scammers land on one unsuspecting customer service agent and it could be the end.
They could also have accomplices, think about companies with foreign offices like godaddy.

These are just simple ideas; scammers have very elaborate and structured ideas and plans.
So protect yourself, don't take this lightly.

Change your registrar emails.
And change email/passwords on afternic, dan, sedo, domainagents, etc.
And turn on 2FA.

Today I remembered domainagents so I changed password, and turned on 2FA. Guess I'll change all emails tomorrow.
Don't forget to change passwords at places like ADOBE, email/hosting providers, etc. where you used the same email/password, as all could have additional data or cards saved in profiles which scammers could use to craft whatever they need to.

If you have ideas as to what must be done, examples of what can/has happened, you are welcome to share.

Thank you
 

Windoms

Top Contributor
Impact
1,872
Personally, my email that got leaked was clean.
On haveibeenpwned.com, I only have 1 leak and it's this one.

I didn't even use it for namepros, I never received a single spam email, I use a secondary email address for all the non-vital stuff like shopping online, facebook, etc.

As hard as it is, I'll go through mails and find all the websites where I signed up, and change those to the new email address. Basically migrate my stuff.

I advise you do the same.
 

Windoms

Top Contributor
Impact
1,872
Also don't forget to change your afternic passwords.
It was already revealed that afternic credentials got leaked, so change them as it could show thieves what you own (how juicy you are as a target).

Today I remembered domainagents so I changed password, and turned on 2FA. Guess I'll change all emails tomorrow.
edit: domainagents doesn't have 2FA, activated a couple yesterday + changed password on DA's, messed up.

People voting no, why is that?
I am not very experienced in this data breach thing.
All I see is domainers being a treasure trove to some.
If you know something, please enlighten us.
 
Impact
4,400
Other registrars may also be hacked someday, so I'd suggest starting to use a unique email for each critical service. It may not be an easy task to check all those emails (web-based) in future though. So, an IMAP client supporting >1 accounts may be an option. It would decrease the security unfortunately (no 2FA if you enable IMAP to read emails).
 

Windoms

Top Contributor
Impact
1,872
I don't think it's a good idea to spill publicly if you're changing your stuff or not. Keep it to yourself, you never know who's paying attention
Why is that?
As long as you are not disclosing your new email address you are not exposing yourself to anything.

Everyone should be "changing their stuff" anyways.
 

HotKey

Made in Canada
Impact
8,805
I don't think it's a good idea to spill publicly if you're changing your stuff or not. Keep it to yourself, you never know who's paying attention
Yeh I agree with this, I mean thanks for the info Windoms but the poll question is no one's business and even worse who voted is publicly visible.
 

Mifuru

Neko? No
Impact
1,418
Just change your passwords and enable 2FA with SMS verification for each operation if possible. In the hacking world, even 2FA is not a problem. Easy to get around.
 