Epik Sends CloudBleed Email Update | DomainInvesting.com
Neustar Domain Names

Epik Sends CloudBleed Email Update

2

You may have already heard about a recently discovered security bug called CloudBleed. Based on what I have read about the bug, users of many websites could potentially be impacted, and people may not even know their accounts could become compromised. I presume there is the potential that this could involve domain industry companies.

Yesterday, I received an email from Epik that I want to share with you. I think it is a good idea for Epik (and other companies) to address this ASAP and make sure their customers are aware of the situation. Kudos to Epik for informing customers of the issue almost immediately. Hopefully other industry companies that may be impacted will follow suit.

Important update – Cloudfare vulnerability

Recently, a serious vulnerability discovered in a service called Cloudfare – a technology widely used by companies worldwide to enhance site performance and increase security. The service is not used directly by Epik, but is used by a 3rd party service called Zendesk, used for live chat support. While we are confident that your account at Epik has been in no way compromised, this note provides background and explains recommended precautions.

The Cloudflare vulnerability, so-called CloudBleed opened the possibility that sensitive data, such as account names and passwords, may have leaked from some sites. The exact extent of any leak, if it occurred, is still unclear. While Epik is not affected as we do not use Cloudfare directly, we do take your account security very seriously. As a precaution, we are resetting all customer account PINs. Should you need your new PIN, you can login at Epik.com and see your new PIN.

If you use the same password also in other places on the web, you will also want to come up with a unique password for your Epik account. When choosing your password, please try using a strong, unique combination. A good password should contain a mix of at least eight letters, numbers and symbols. Besides keeping good passwords, there are several additional measures you can take for securing your account:

1. Enable WHOIS privacy for your domains – we offer it for free
2. Enable 2-Factor SMS authentication
3. Enable IP address restriction
4. Enable free Max-Lock which will block all transfers out requests

Please reach us out anytime at support@epik.com if you need assistance with the steps above or have any further questions.

Regards,
Epik


About The Author: Elliot Silver is an Internet entrepreneur and publisher of DomainInvesting.com. Elliot is also the founder and President of Top Notch Domains, LLC, a company that has sold seven figures worth of domain names in the last five years. Please read the DomainInvesting.com Terms of Use page for additional information about the publisher, website comment policy, disclosures, and conflicts of interest.


Reach out to Elliot: Twitter | | Facebook | Email

Comments (2)

    Michael

    It is an interesting thing that now we truly focusing in on cyber security as a nation and the real impact on businesses and not only public but national security.

    As an investor, I’m wondering if the $17 I spent on these two hand regs will pan out…
    CloudbleedSecurity.com
    &
    CloudleakSecurity.com

    It may be too short term of a security threats for a domain investment. Let’s see. I’m open to some feedback.

    February 28th, 2017 at 10:52 pm

    Michael

    As an investor, I’m wondering if the $17 I spent on these two hand regs will pan out…
    CloudbleedSecurity.com
    &
    CloudleakSecurity.com

    It may be too short term of a security threats for a domain investment. Let’s see. I’m open to some feedback.

    February 28th, 2017 at 11:34 pm

Leave a Reply

Name *

Mail *

Website