According to what I have read and seen the Epik data leak includes credit card numbers, registered names, whois data, whois privacy data, usernames, emails, passwords, failed password attempts, auth codes, etc. Pretty much EVERYTHING a registrar stores on its servers. More on this coming soon…
There is also a video with Rob Monster answering questions about the Epik hack: “Epik CEO Rob Monster responds to the breach of his web hosting company by the hacking collective Anonymous during a live Q&A on Sept. 16, 2021.
Epik sent an update to its customers confirming the hack:
We are contacting you to notify you of an urgent security notice. Despite the extensive security practices we use to protect our platforms and customer information, we have confirmed an unauthorized intrusion into some of our domain-related systems.
We have mobilized the full force of multiple cyber security teams to assess the scope of this intrusion. We are taking aggressive action to completely secure and remediate all potentially affected systems, while complying with all applicable laws. As we work to confirm all related details, we are taking an approach toward maximum caution and urging customers to remain alert for any unusual activity they may observe regarding their information used for our services – this may include payment information including credit card numbers, registered names, usernames, emails, and passwords.
At this time, we have not confirmed that your card information has been compromised. As a precautionary measure, you may choose to contact any credit card companies that you used to transact with Epik and notify them of a potential data compromise to discuss your options with them directly. Should you observe any unauthorized activity, please document and report it immediately.
We are notifying you because we consider your privacy and security our single greatest priority. Our mission to provide legendary service to all customers remains unchanged. We appreciate your support as we work through the full resolution of this situation, and we will continue to provide you with ongoing updates as we learn more.
Epik Security Team
Original article: Epik hack update (plus a video)
©2021 Domain Observer. All Rights Reserved.