Howdy, Stranger!
It looks like you're new here. If you want to get involved, click one of these buttons!
Quick Links
EVE Online: Downtime
Taera
Community ManagerMember CommonPosts: 1,078
CCP's Chief Operating Officer issues a statement about today's EVE Online downtime and security breach. According to Hörðdal, no account or billing information was compromised and the servers are back up and being closely monitored.
19.10.2007 22:04:50
EVE Online service restored after unexpected downtimeCCP Chief Operating Officer Jón Hörðdal has issued the following statement regarding the unexpected interruption of service for EVE Online and its website on Friday, October 19.
At 10:25 GMT today we discovered an anomaly in the EVE Online Database indicating a potential exploit. Our policy in such cases is to mobilize a taskforce of internal and external experts to evaluate the situation. At 12:57 that group concluded that our best course of action was to go completely dark while an exhaustive scan of our entire infrastructure was executed.What we discovered was an indication that one of our databases was being accessed through a security breach. While some may feel that such a drastic reaction was not warranted, it is always our approach to err on the side of caution in order to protect the players.
We of course understand the effect and disruption this has had for our players and apologize for not having been able to explain to the community what was going on. In these cases it can often be counterproductive to containment to give out information while we are in the process of evaluating the scope of the problem.
Our taskforce quickly found the security breach and prevented that from being used. We subsequently found three cases of database actions being performed through the security breach but none of those affected other users than the one doing the actions. We can also confirm that no personal details such as users’ credentials or credit card numbers were exposed through this incident.
The servers were brought back online at 22:00 GMT and we will of course continue to monitor the situation closely over the weekend and the following week.
Again we sincerely apologize for this disruption.
Regards,
-Jón Hörðdal
Chief Operating Officer, CCP
Read more here.
Laura "Taera" Genender
Community Manager
MMORPG.com
Comments
I might have cancelled my account thanks to my bad economy but i would still say this was a good call, sure no one likes downtime but having account info or cc info stolen is far worse.
Why don't you ask the guy/girl hacking for a reimbursement, there the ones causing problems
/sarcasm off
/sarcasm off
So what, people hacking are scum plain and simple, just because you can does not mean you should now does it?
The game was down less than a day, that happens all the time in MMOs
Laura "Taera" Genender
Community Manager
MMORPG.com
/sarcasm off
So what, people hacking are scum plain and simple, just because you can does not mean you should now does it?
Oh no you misunderstood. I completely agree that the hacker should be skinned alive and then dumped into a LARGE vat of lemon juice and then tossed into a salt lick.However, as a business that takes my money, CCP is responsible for the security of the game. I have been a MMO'er for 10 years now and CCP is the first company I have seen to get hacked this severly twice.
Who ever is running their security needs to get a good kicking.
Opps sorry
Well i like to think that they do what they can, but maybe i'm just showing to much faith in there abilities, but i still think it was a good call to shut it down to find the hack, not like soe after they accidently put beta merchants on live servers and then not taking them down instantly to fix it, people got rolled back days/weeks after that incident and lost xp/flags/raid loot, and that from buying a legit item from a player merchant that might have been made with items from the beta vendors.
I am sure most other MMORPGs have had security breaches but never told their audiences.
This is the internet and having tens of thousands of users on one network means security breaches will happen.
/sarcasm off
So what, people hacking are scum plain and simple, just because you can does not mean you should now does it?
Oh no you misunderstood. I completely agree that the hacker should be skinned alive and then dumped into a LARGE vat of lemon juice and then tossed into a salt lick.However, as a business that takes my money, CCP is responsible for the security of the game. I have been a MMO'er for 10 years now and CCP is the first company I have seen to get hacked this severly twice.
Who ever is running their security needs to get a good kicking.
Is it though? Many games will keep security breaches under wraps at all costs, quite a few of the large mmo's I've played have at one time or another had databases hacked and had to perform a 'performance issue patch'.Also that lemon juice bit is gonna sting a tad.
-----
The person who is certain, and who claims divine warrant for his certainty, belongs now to the infancy of our species.
I dont know... if the other companys are soooo tight lipped as to never have admitted it....how is it possible to know that it did in fact happen?
Or perhaps CCP is one of the only MMOs that tells us the truth as to why they have shut down. SOE I'm sure would have fed us some crap if they had just had a breach in thier security system as would most other game providers.
I for one am grateful that CCP is not only on top of this, they are honest about it.
Security flaws are everywhere in society though, if there was no flaws/holes/exploits/etc then we would have no crime. Unfortunately nothing is failsafe, but at the very least they have managed to keep personal details and financial information safe, which is more than some banks have managed to acheive.
I agree with previous posters -- it's likely that CCP is just being more transparent than most companies in admitting a breach. What you need to worry about is all the folks who have your credit and identity info stolen (probably hundreds to thousands of sites daily) who never report it.
On the other hand as a network security professional *and* a former ISP general manager, there's one thing that makes me nuts about CCP which is that they put their forums on the same system as their servers. Downtime, ok. But downtime and you can't get to their web site, the forums, or anywhere to bitch about it?
Totally unacceptable!
Seriously, they should move the forums to a remote co-lo or something so we can geek out (and complain) during downtime. The fan sites have a good deal of geekery, but they can't tell us why the servers are down.
Shava
The game was down less than a day, that happens all the time in MMOs
Signed. EvE is online like 23/7. Just check out how WoW servers are long down when they doin' something on them.
First i would like to thank CCP for their transparent communication policy: today, where every small piece of information may lead to full collapse of a company, i really appreciate their courage to inform the community what is going on. Most of the companies do not understand that, if they provide their customers with such kind of information, it will not lead to the loss of confidence. For sure, too much information is bad, because it can lead to false interpretations, but keeping customers in dark is even more worse. I work for a large online trader and i do understand the predicament of information giveaway, anyway ... thank you CCP.
This depends heavy on the application and system design. The website has many dependencies on the game data(base), so i think it is not easy to make them independant of each other. I already thought, how i can be possible that someone access their DB, as they are usually placed into DMZ, which is only accessible by application server. This would be that someone has compromised their application or the application their application depends on (like apache) and then got access to the DB. Well, every thought would be a speculation, because we do not know their setup and i do not think that CCP will provide this information to us
CPP, you have really nice monitoring in place and very responsible IT operations team. I love your professionalism.
Hey CCP,
Thanks for staying on top of it! Good Job ! :-)
What are you planning to spend your 49 cents on?
CCP are just being honest, they could of just said they had a hardware or a power failure and left it at that.
Good for CCP being honest its a good mark in there book really.
Also the CC details etc will be on a seperate DB and hardware which is not part of the main game system so to actually find it will probable be much harder.
Wow - 20 posts in and no-one's accused BoB of being the source of the hacking! Allow me to be the first - nerf BoB!!
BoB = Source of all that's evil
What are you planning to spend your 49 cents on?
Actually its more like 40 cents a lot of money for some it seems.
-----------------------------------------------------------------------------------------------------------------------
Retired from: Neocron, Everquest, Everquest 2, Guild Wars, RF Online and Final Fantasy VII
Currently Playing : EvE Online.
im an eve'r and i dont believe I should recieve reimbursment. to think otherwise is would be greedy,selfish, and self centered. CCP had an issue that was being exploited. rather than keep the game online they shut everything down and closed the potential security hole. which I commend them for. so what if some of you got inconvenienced from your drama on the game or your mining or ratting. who cares id rather than shut everything down, secure the holes and then bring up the game when everything is secure. I commend them for that.
3.4ghz Phenom II X4 965, 8GB PC12800 DDR3 GSKILL, EVGA 560GTX 2GB OC, 640GB HD SATA II, BFG 1000WATT PSU. MSI NF980-G65 TRI-SLI MOBO.
The IP address was from China, surprise, surprise. About time that country cleans up their internet issues, personally if I had a MMO, I would block all IP addresses from that region. It would be a shame too as I know some nice people from that area of the world.
What are you planning to spend your 49 cents on?
Actually its more like 40 cents a lot of money for some it seems.
actualt is more like 16.3 cent, at a 14 dolla/euro sub a month