Customers being told account names, handles and encrypted passwords stolen in the attack.
Internet security is a bigger issue now then ever before with Sony, Bethesda and Codemasters all having various user data stolen over the past eighteen months and today we can add another games company to that list – Cryptic Studios, makers of Champions Online and Star Trek Online.
However where this attack differs is that Cryptic weren’t compromised a day, a week, a month or even a year ago, instead the attack took place sixteen months a go – with users only being told of the unauthorised access to account names, handles and encrypted passwords over the past twenty-four hours.
The California developer certainly has some explaining to do:
“As part of our ongoing efforts to monitor and enhance security, we recently detected evidence of an unauthorized access to one of our user databases. The unauthorized access occurred in December 2010, and evidence of this has just been uncovered due to increased security analysis,” reads an official statement from Cryptic.
“The unauthorized access included user account names, handles, and encrypted passwords for those accounts. Even though the passwords were encrypted, it is apparent that the intruder has been able to crack some portion of the passwords in this database. All accounts that we believe were present in the database have had the passwords reset, and customers registered to these accounts have been notified via e-mail of this incident.”
“While we have no evidence that any other information was taken by the intruder, it is possible that the intruder was able to access additional account information. If they did so, the first and last name, e-mail address, date of birth (if provided to Cryptic Studios), billing address, and the first six digits and the last four digits of credit cards registered on the site may have been accessed. We have no evidence at this time that any data other than the account name, handle, and encrypted password were accessed for any user.”
Further to this statement, the rest of which can be viewed here, Cryptic recommend you change any passwords which are the same as the one you used with the MMO maker and that players should “remain vigilant” and monitor account statements and credit card reports.
Users keeping track of all monetary transactions is merely good online practice at this point, but the nature of this attack being found out so long after it was carried out won’t fill account holders with much confidence going forward.
Online security is always evolving but companies have a duty to users to keep their data safe and secure, unfortunately Cryptic have become the latest outfit to fail in that endeavour.
Company of Heroes 2, Batman: Arkham Origins, Grand Theft Auto V, Watch_Dogs, Beyond: Two Souls and Night of the Rabbit previews.Download Now!