New submitter Etrahkad writes “Trion Worlds, publisher of MMORPG Rift, has announced that somebody broke into one of their databases and gained access to user information. First Sony and now Rift… my identity has probably been stolen several times over, now. From the e-mail: ‘We recently discovered that unauthorized intruders gained access to a Trion Worlds account database. The database in question contained information including user names, encrypted passwords, dates of birth, email addresses, billing addresses, and the first and last four digits and expiration dates of customer credit cards. … there is no evidence, and we have no reason to believe, that full credit card information was accessed or compromised in any way.” Are game companies not concerned with preventing these attacks?”
Read more of this story at Slashdot.
SKYMTL writes “Valve has revealed that hackers have gained access to the Steam database and have pulled a variety of information. A statement from Gabe Newell reads in part: ‘Dear Steam Users and Steam Forum Users, Our Steam forums were defaced on the evening of Sunday, November 6. We began investigating and found that the intrusion goes beyond the Steam forums. We learned that intruders obtained access to a Steam database in addition to the forums. This database contained information including user names, hashed and salted passwords, game purchases, email addresses, billing addresses and encrypted credit card information. We do not have evidence that encrypted credit card numbers or personally identifying information were taken by the intruders, or that the protection on credit card numbers or passwords was cracked. We are still investigating.
We don’t have evidence of credit card misuse at this time. Nonetheless you should watch your credit card activity and statements closely.”
Read more of this story at Slashdot.
garatheus writes “The folks at EA/BioWare sent out an email this morning (GMT +2) outlining that their older Neverwinter Nights forums had been hacked, with a fair amount of user information stolen from the database — the likes of user names, encrypted passwords, email addresses, mailing addresses, names, phone numbers, CD keys and birth dates. They do go on to say that ‘no credit card data was compromised from the servers, nor did we ever have or store sensitive data like social security numbers.’ There’s no pointing of fingers as to who might have done the compromising, though.”
Read more of this story at Slashdot.
skybon writes “After similar attacks on Sony and Square Enix, Codemasters’ website has now been hacked as well. The intrusion took place on 3 June, and is believed to have compromised members’ names, usernames, screen names, email addresses, date of birth, encrypted passwords, newsletter preferences, any biographies entered by users, details of last site activity, IP addresses and Xbox Live Gamertags. In a letter sent out to CodeM subscribers, the company recommended changing passwords as soon as possible.”
Read more of this story at Slashdot.
An anonymous reader writes “Betanews has a series of articles talking about an apparent hack in iTunes that has resulted in fraudulent charges for some users involving Sega’s Kingdom Conquest game. The reports start with a personal account from reporter Ed Oswald, who was a victim of the hack itself. The next story adds reports from readers, and the most recent story adds additional reports, with Oswald saying the number of reports received are in the ‘dozens.’ Apple has yet to confirm the existence of a hack, although reports have appeared on Sega’s own support forums, Apple discussion boards, and through other news outlets.”
Read more of this story at Slashdot.
Published by
Roblimo on
May 23, 2011
alphadogg writes “Sony expects the PlayStation Network hack will cost it $170 million this financial year, it said Monday. Unknown hackers hit the network gaming service for PlayStation 3 consoles in April, penetrating the system and stealing personal information from the roughly 77 million accounts on the PlayStation Network and sister Qriocity service. A second attack was directed at the Sony Online Entertainment network used for PC gaming. Sony responded to the attacks by taking the systems offline.”
Does the $170 million figure include compensation for PSN subscribers who suffered from the outage?
Read more of this story at Slashdot.
nam37 writes “Sony Online Entertainment’s various services seem to be down and a message on the official site does not give much information on the particulars. According to a short post on the site, the services were taken down after an investigation revealed a deeper ‘intrusion’ than expected at first. This is the first we have heard that Sony’s MMORPG arm had some sort of security breach. This could be part of Sony’s plans to beef up security for the PlayStation Network, but this message seems to indicate that something more serious going on.”
Read more of this story at Slashdot.
alphadogg writes “The outage of Sony’s PlayStation Network and Qriocity service, now in its fourth day, looks set to continue after the company said on Sunday that it is ‘rebuilding’ its system to better guard against attacks. Sony said on Saturday that the outage was caused by an ‘external intrusion’ into the network, but has yet to detail the problem. The PlayStation Network is used for PlayStation 3 online gaming and sales of software to consoles and the PlayStation Portable. The Qriocity service runs on the same network infrastructure and provides audio and video to Sony consumer electronics products.”
Read more of this story at Slashdot.
An anonymous reader writes to make sure
everybody
Yoshi
Bullet Bill
Reznor
is aware of Security Advisory SMB-1985-0001: Plumber Injection Attack in Bowser’s Castle.
“Ksplice, working in conjunction with Lakitu Cloud Security, has released a high-severity advisory about a Plumber Injection attack in multiple versions of Bowser’s Castle. An Italian plumber could
exploit
jump on
headbutt
fireball
this bug to bypass security measures (walk through walls) in order to rescue Peach, to defeat Bowser, or for
unspecified other impact
theft of giant gold coins
consumption of narcotics
vicious attacks on Koopas
. This vulnerability is demonstrated by ‘happylee-supermariobros,warped.fm2.’ Attacks using this exploit have been observed in the wild, and multiple other exploits are publicly available. A
bouncing star
patch
radioactive flower
Tanooki suit
has been made available.”
Read more of this story at Slashdot.
An anonymous reader writes to make sure
everybody
Yoshi
Bullet Bill
Reznor
is aware of Security Advisory SMB-1985-0001: Plumber Injection Attack in Bowser’s Castle.
“Ksplice, working in conjunction with Lakitu Cloud Security, has released a high-severity advisory about a Plumber Injection attack in multiple versions of Bowser’s Castle. An Italian plumber could
exploit
jump on
headbutt
fireball
this bug to bypass security measures (walk through walls) in order to rescue Peach, to defeat Bowser, or for
unspecified other impact
theft of giant gold coins
consumption of narcotics
vicious attacks on Koopas
. This vulnerability is demonstrated by ‘happylee-supermariobros,warped.fm2.’ Attacks using this exploit have been observed in the wild, and multiple other exploits are publicly available. A
bouncing star
patch
radioactive flower
Tanooki suit
has been made available.”
Read more of this story at Slashdot.
