Home › Game Forums › Rift
Howdy, Stranger!
It looks like you're new here. If you want to get involved, click one of these buttons!
Quick Links
Trion account database breached.
Originally posted by Trion Worlds
We recently discovered that unauthorized intruders gained access to a Trion Worlds account database. The database in question contained information including user names, encrypted passwords, dates of birth, email addresses, billing addresses, and the first and last four digits and expiration dates of customer credit cards.
There is no evidence, and we have no reason to believe, that full credit card information was accessed or compromised in any way. We have already taken further action to strengthen our systems, even as we, with external security experts, continue to research the extent of the unauthorized access.
Anyone get the email? It's about time these MMO's should stop storing our personal details.
Comments
This is confirmed by Trion
http://www.trionworlds.com/en/games/account-notification?__utma=1.974972898.1324607305.1324607305.1324607305.1&__utmb=1.40.10.1324607305&__utmc=1&__utmx=-&__utmz=1.1324607305.1.1.utmcsr=%28direct%29|utmccn=%28direct%29|utmcmd=%28none%29&__utmv=-&__utmk=25760957
yeah i got the email too.
3.4ghz Phenom II X4 965, 8GB PC12800 DDR3 GSKILL, EVGA 560GTX 2GB OC, 640GB HD SATA II, BFG 1000WATT PSU. MSI NF980-G65 TRI-SLI MOBO.
I wonder if that database had information from inactive accounts.
Amazing -- I did NOT get such an email. Maybe they actually purge their database in a timely manner of people who are no longer subscribed... If so then kudos to trion for actually doing something right that a lot of places do not do.
Either that or they get the data but simply do not notify people who are not currently subscribed -- that would be less good of course.
Oh, and not having the whole credit card number in one place is a very good thing.
oopsie.
Self-pity imprisons us in the walls of our own self-absorption. The whole world shrinks down to the size of our problem, and the more we dwell on it, the smaller we are and the larger the problem seems to grow.
Yea, no such email for me either. I was there for launch and not much after.
I like how they lost your name, address, DOB, email, AND passwords... no worries, we didn't lose credit cards... we don't think.
Nah you just lost everything but my social and more than enough to steal my identity.
quite honestly they did the best thing they couldve done when they found out, they made it public unlike soe who waited what? 2+ weeks?
Also we do not know how strong said encryption is/was but if it is any decent encryption the info wont get out whitout the key to deencrypt it.
Clicky for Rift trial
the email also includes this:
"Nevertheless, if you own the RIFT game, you will be granted three (3) days of complimentary RIFT game time once you update your password and security questions.
Additionally, once you update your account and set a new password, your account will be granted a Moneybags’ Purse, which increases your looted coin by 10%, even if you have not yet purchased RIFT. "
Still not enough to get me to give up my lightsaber!
Risk you take honestly...Blizzard and Bioware are the only ones not hit so far. maybe ccp?
Blech -- so much for giving them kudos -- I just got the message.
Now the reverse of what I said earlier -- I quit the game several months ago. WHY is my CC data and all that other data still accessable to hackers and not archived somewhere?
I mean the main problem is NOT passwords to other similar accounts with regard to email address, but people using your date of birth, name, and email to try to grab your data via password recoveries.
The secondary security is usually far worse than the password itself.
This is hitting them at a bad time. Many will overreact and say "damn Trion, i knew i should have gone swtor!"
The 3 days compensation is also a joke for everyone with an active sub. If someone is an active player, his account is up anyway. If he quit the game, he probably has no interest in another 3 days or any use for them.
i got email and i haven't been subscribed for about 8 months.
Ouch.
Sad news this.
My brand new bloggity blog.
So.......they gave me 30 days of game time free due to the ascend a friend playing the game for more than 30 days
then this?
Did they just reactive my account right before the hacking D;
How much WoW could a WoWhater hate, if a WoWhater could hate WoW?
As much WoW as a WoWhater would, if a WoWhater could hate WoW.
Information thats probably extremely easy to obtain, other than the password which should be unique to Rift anyway.
This is one of the many reasons I do not play Rift anymore. Their security system was beyond constrictive and asinine before. Yet, they still can't keep people from hacking their site. On top of it, when I went through their suggested process to reset my password, it didn't work at all. It just looped me back to their message of security issues and that I needed to reset my password.
So, I'm in the process of getting my account totally closed due to this completely failed security system.
EDIT: Nevermind... it worked for me the second time. I'm still going to get my account totally closed though.
So some people noticed that their google e-mail was attempted to be logged into. This is sad because it is pointing that the breach happened from Russia which very recently introduced Rift servers.
WHOIS - 92.240.208.115
They have been mass-locking threads now, with the hint to keep the discussion in a single topic. From a moderation standpoint, that's most of the time an understandable reason. In this case though, it is but practically impossible to discuss a major topic raising so many different questions, concerns and opinions in a single thread.
Rather looks like they want to cut their losses in this case and not have the forum giving a negative impression in this already very critical time.
Love the people asking if TOR is fun in that thread. I am willing to be money Bioware is up next. They are so caught up int he launch frenzy it would be a perfect time to go after them.
It does seem like the SOE thing has made people almost casual about this stuff now.
I got the email too, funny though since I only played for a month and a half and that was that. I disregarded it as the email read more like a come back to us and give us more money and we wll give you all these neat things....oh yeah and just in case that doesn't get your attention, you may have been hacked so its really important you come back and give us more money...REALLY! Just the way I took it anyway.
(DISCLAIMER - The use of the word YOU in the above post is not directed at any one person in particular, but towards those who fall into the category itself - there is no personal attack here, neither intentional nor implied.)
My wife got the email and she only played the 15 day trial way back when.
So I have to go wtf. LoL as I did not get the email, yet.
I read about this on MMO-Champ(ion), not great news. It is in fact prompting me to remove financial details from most MMO company's I'm registered with just to be on the safe side.
I got one as well for an account tied to an email that no longer exists, I attempted to update it awhile back and resubscribe but the patcher kept crashing, and I couldn't follow thru on the email change without calling/sucking up to some tech on Trion's side so I abandoned the idea...Ten months later, Trion's database is hacked under Trion's nose and customers have credit card info stolen. Trion claims "You should have continued, uninterrupted access to RIFT, and we do not anticipate any disruptions to your playing time" as the pro. Lulz. Strike Two.
Funny thing because when I quit, I thought I put Trion Worlds on the "no contact" list but meh.
Trion for the future... when someone is having to cancel their credit card a few days before the biggest shopping day of the year, giving them three days to play a game and a "Moneybags" pixel item is hardly a make-up for your lax in security since Day 1.
"TO MICHAEL!"