news Was there a Hack/Data Breach at Epik?

[amplify]

Which could be overcome by inserting an approval by the registrant to unlock. Both for push and transfer.

Yes, that is one way, unless the hackers also have access to that. Then, they're in and out to another registrar quickly.

Having at least a 10~ day lock would give the true registrant time to reflect on what is happening.

 

[404]

Yes, that is one way, unless the hackers also have access to that. Then, they're in and out to another registrar quickly.

Having at least a 10~ day lock would give the true registrant time to reflect on what is happening.

Agreed. Locking everything down is the easiest and most secure way. Not very practical though.

I'm all for security measures but when I can provide my id, payed with matching card, provide all account details, am mailing from the registered email address, that should be sufficient for any registrar to enable me to retain full control. At Epik that's not good enough, so it seems.

 

[mr-x]

Agreed. Locking everything down is the easiest and most secure way. Not very practical though.

I'm all for security measures but when I can provide my id, payed with matching card, provide all account details, am mailing from the registered email address, that should be sufficient for any registrar to enable me to retain full control. At Epik that's not good enough, so it seems.

I love how this conversation went from a few unnamed domains might have been moved out of an account that used the same password on multiple websites, including epik to... Why won't epik unlock my domains.

You know very well why epik is locking domains after an account / registrant change. What am I missing?

 

[404]

You know very well why epik is locking domains after an account / registrant change. What am I missing?

Yes. They lock the domains because it's in their tos and part of their mo. What am I missing?

Edit: even more upsetting, they now deny to provide my Auth codes for domains that they locked, referring to their TOS, straight against ICANN policy.

 

[mr-x]

Yes. They lock the domains because it's in their tos and part of their mo. What am I missing?

"I'm all for security measures but.... " ( just ignore everything before but ) "when I can provide my id, payed with matching card, provide all account details, am mailing from the registered email address, that should be sufficient for any registrar to enable me to retain full control. At Epik that's not good enough, so it seems."

Have you actually done this and not been able to take control of your domains or are you just bull shitting?

Also, "mo" is often associated with repeated criminal behavior; what's the point of including it after you state their tos requires a lock period?

 

[404]

"I'm all for security measures but.... " ( just ignore everything before but ) "when I can provide my id, payed with matching card, provide all account details, am mailing from the registered email address, that should be sufficient for any registrar to enable me to retain full control. At Epik that's not good enough, so it seems."

Have you actually done this and not been able to take control of your domains or are you just bull shitting?

Simple answer: yes. And it has been like this for a while. I contacted support 4 times. They're stonewalling me but are ok taking my money and profiting from it.

 

[mr-x]

Simple answer: yes. And it has been like this for a while. I contacted support 4 times. They're stonewalling me but are ok taking my

Are they breaking their TOS? Did the TOS change after you registered the domains? If not, you're complaining to the peanut gallery.

money and profiting from it.

I would hope so.

 

[404]

Are they breaking their TOS? Did the TOS change after you registered the domains? If not, you're complaining to the peanut gallery

I hear you. Their TOS doesn't match up with what they claim/advertise in public.

I don't care about their TOS, I care about my rights as a registrant, which is covered by ICANN regulation.

My latest ticket: (187761) would be escalated to management over 24 hours ago. Still no answer...

 

[404]

And that's just one example. I have been a happy client for a while but they're just taking the piss now.

I'm not 100% sure but I take it you're an Epik user and at NP as well? It's all there to research if you are interested.

 

[Tom K.]

Also, "mo" is often associated with repeated criminal behavior; what's the point of including it after you state their tos requires a lock period?

LOL. MO is an acronym for modus operandi. It can refer to anyone or any company that has a pattern for or practice of doing things a certain way. Not limited to criminal behavior.

Agreed. Locking everything down is the easiest and most secure way. Not very practical though.

That can be a stop gap measure during fixing a security hole. However, as you wrote, not practical long term.

 

[404]

would hope so.

Same. Thats business..as long as you live up to your promises. If you don't. Dick move.

 

[404]

LOL. MO is an acronym for modus operandi. It can refer to anyone or any company that has a pattern for or practice of doing things a certain way. Not limited to criminal behavior.

Thanks for clearing that up, missed it. yes, modus operandi it is.

Not limited to criminal behaviour obviously.

Edit: like, a lot of sweet talk. We'll lift locks for you. We're here for you. We're all about creating abundance. Bit when shit hits the fan. It's like , screw you.

Edit2: pardon my french. Like I said, been a happy customer. Rob has been great, but they're fubar as it is.

 

[404]

That can be a stop gap measure during fixing a security hole. However, as you wrote, not practical long term

Exactly. Even if that's the case. Just say so. Don't refer to a ridiculous TOS and ICANN which is nonsense. Be open about it.

No buyer paying a decent amount of money would leave their domain at Epik. They'd want the Auth code and get the hell out of there.

 

[mr-x]

You agreed to the terms of service, a legal contract.

I hear you. Their TOS doesn't match up with what they claim/advertise in public.

I don't care about their TOS, I care about my rights as a registrant, which is covered by ICANN regulation.

My latest ticket: (187761) would be escalated to management over 24 hours ago. Still no answer...

 

[mr-x]

LOL. MO is an acronym for modus operandi. It can refer to anyone or any company that has a pattern for or practice of doing things a certain way. Not limited to criminal behavior.

I didn't say it was limited to criminal behavior. I said it is associated with criminal behavior and a unnecessary negative addition after "tos" aka, the terms of service, aka the contract that you agreed to when you joined Epik and used their service.

That can be a stop gap measure during fixing a security hole. However, as you wrote, not practical long term.

Godaddy had the same 60 day rule until this year.

You can complain but epik has done nothing outside of the rules 404 agreed to.

 

[404]

You agreed to the terms of service, a legal contract.

Sure I did. However a tos holds no grounds against the law and ICANN regulation.

Besides, that would mean their ceo is publicly lying about things supposedly possible but prohibited by their TOS.

You can't eat your cake and have it too.

I deal with registrars prohibiting these thing every day. But you won't find their ceo publicly claiming otherwise.

 

[mr-x]

Sure I did. However a tos holds no grounds against the law and ICANN regulation.

Besides, that would mean their ceo is publicly lying about things supposedly possible but prohibited by their TOS.

You can't eat your cake and have it too.

I deal with registrars prohibiting these thing every day. But you won't find their ceo publicly claiming otherwise.

Good luck. Can you point to the ICANN reg?

 

[404]

Godaddy has the same 60 day rule until this year.

No they don't.

Edit: Not since 2016

 

[404]

ICANN.org

Edit: this is supposed to be a professional forum right? I'd think most people are exactly aware of where to find ICANN and their policies.

 

[404]

Btw, we can go back and forth all we want but that doesn't chance much and kinda takes this thread off track.

We're supposed to be discussing the Epik hack, not the state the registrar is in.