news Was there a Hack/Data Breach at Epik?

[404]

To my understanding most registrars do have a policy of preventing pushed domains from outbound transfers for a certain period of time. They don't want an unauthorized transfer of a domain name to another registrar.

I can't speak to what the Epik policy is on this though @Tom K., although I would imagine they would have similar policy in place.

Maybe an @Epik team member can comment?

Epik locks your domain down for 60 days.

 

[404]

He has made clear he dislikes Epik and has no domain there. It would have to be seen what the policies are for the 3 registrars of the alleged stealing. But for this period to work, you have to tell something to them...

All three of the aforementioned registrars allow you to transfer out directly after a push. Albeit things at directnic may have changed, haven't been using them much as of late.

 

[DomainsGENERAL.com]

That's some irony. So, if the story is true, he would probably have been better served to have everything at the registrar which has actually been hacked

 

[Tom K.]

He has made clear he dislikes Epik and has no domain there. It would have to be seen what the policies are for the 3 registrars of the alleged stealing. But for this period to work, you have to tell something to them...

That's the key word, alleged. There is no link I can see. Only a supposition because of the timing. Here's why:

When you think about it, who has the time to go through hundreds of gigabytes of data. Like looking for a needle in a haystack. You have to know what you are looking for in the first place. The data was made public so most have had a chance to update their security. If the Anonymous hackers wanted to do something truly malicious they would have done it already. They had plenty of time and access. Believe me, I have seen malicious hackers. I've seen them deface websites and install spamware on the server clandestinely.

It's more of an embarrassment then anything and offers a trail for LEA who have the resources and who have already levied subpoenas.

Epik hack reveals prominent, Trump-supporting websites under subpoena investigation

An internal ticketing system at Epik reveals subpoenas targeting far-right sites.

www.dailydot.com

 

[mr-x]

Epik sends an email and requires both the losing and gaining account to login and approve the push. Pretty nice system actually.

So does godaddy.

Enom will let you complete the push but emails both parties.

 

[404]

That's some irony. So, if the story is true, he would probably have been better served to have everything at the registrar which has actually been hacked

Depends on the value of the domains and how much you value keeping your cc details from being publicly available

 

[DomainsGENERAL.com]

Depends on the value of the domains and how much you value keeping your cc details from being publicly available

Sure. But...
Bitcoin solves this.

 

[accurate]

Most people have on interest in using Bitcoin or other Crypto.

Sure. But...
Bitcoin solves this.

 

[DomainsGENERAL.com]

I guess we must read "no". Ok. Some people also have no interest in using unique passwords or 2FA.
What exactly is your point?

 

[accurate]

Can an Epik team member comment? @Epik

Epik locks your domain down for 60 days.

 

[JennBlogger]

Credit Karma warnings now going out about the hack:

Epik breach​

September 2021
In September 2021, Epik's database was allegedly breached. Even if you don't use your Epik account anymore, it's important to protect any info that was exposed.

 

[404]

Can an Epik team member comment? @Epik

They're in winter hibernation so that's a big ask.

 

[Tom K.]

Epik locks your domain down for 60 days.

This is only on transfers in, according to comments on NamePros. Unless anyone @Epik can clarify. And if this policy changed to include account changes, has this been the case always or since the hack?

 

[404]

This is only on transfers in, according to comments on NamePros. Unless anyone @Epik can clarify. And if this policy changed to include account changes, has this been the case always or since the hack?

This has been the case with pushes and marketplace purchases as well. It requires manual involvement to get it lifted.

They have been claiming different on NP but never have given a clear answer as to why and how a lot of people are experiencing these locks.

I have another thread here about an expired domain purchase. Same issue, support won't unlock my domain.

 

[base]

I think it is only prudent on the registrar's behalf to implement tighter measures if that is what we are seeing after a hack. But any sort of domain transfer, registrar to another registrar, is commonly locked for 60 days. I haven't experienced otherwise. Pushes on the other hand shouldn't really trigger any sort of a lock as they are within the same registrar thus easier to rectify if anything bad happens. Also an account push doesn't necessitate a renewal/transfer fee.

But again, if Epik is locking DN's down even after a push, good on them I mean a lot of stuff we don't know about is happening behind the scenes in terms of security because of the hack.

 

[amplify]

Pushes on the other hand shouldn't really trigger any sort of a lock as they are within the same registrar thus easier to rectify if anything bad happens.

Hacker pushes your domains to their account and immediately initiates a transfer because no lock.

 

[404]

Hacker pushes your domains to their account and immediately initiates a transfer because no lock.

Which could be overcome by inserting an approval by the registrant to unlock. Both for push and transfer.

If hackers really want to steal your domain, they'll hide, fly under the radar and nick your domain when the opportunity is there.

No lock will prevent this.

 

[mr-x]

Hacker pushes your domains to their account and immediately initiates a transfer because no lock.

If the register initiates a lock on account change, and the push requires manual acceptance and updates the registrant ( like at godaddy ) the domain is locked for a period.

 

[Tom K.]

Which could be overcome by inserting an approval by the registrant to unlock. Both for push and transfer.

If hackers really want to steal your domain, they'll hide, fly under the radar and nick your domain when the opportunity is there.

No lock will prevent this.

The hackers were in the Epik servers for months prior to the data dumps, roving about the backend downloading data. They were able to execute shell commands very easily. It was Rob's denials that prompted those dumps. The hackers were fully capable to do unrecoverable damage if they chose to do so.

 

[404]

The hackers were in the Epik servers for months prior to the data dumps, roving about the backend downloading data. They were able to execute shell commands very easily. It was Rob's denials that prompted those dumps. The hackers were fully capable to do unrecoverable damage if they chose to do so.

Yes. That's the most worrysome about hacks like this. At what point and given what security measures can you reasonably assume they're not still hiding in your systems?

I'm not overly concerned but I wouldn't take my chances keeping domains of proper value at Epik.