Howdy, Stranger!
It looks like you're new here. If you want to get involved, click one of these buttons!
Quick Links
Champions Online: 'Unauthorized Access' Revealed
SBFord
Former Associate EditorMember LegendaryPosts: 33,129
The Cryptic Studios page has been updated with the announcement that its servers have been the victim of what the press release calls 'unauthorized access'. More troubling is the further announcement that the attacks began in December of 2010 and resulted in user account names, handles, and encrypted passwords for those accounts being made accessible to the intruders.
The unauthorized access included user account names, handles, and encrypted passwords for those accounts. Even though the passwords were encrypted, it is apparent that the intruder has been able to crack some portion of the passwords in this database. All accounts that we believe were present in the database have had the passwords reset, and customers registered to these accounts have been notified via e-mail of this incident.
Read the full report on the Cryptic Studios page.
Comments
ouch
/facepalm
Joined 2004 - I can't believe I've been a MMORPG.com member for 20 years! Get off my lawn!
"At Cryptic Studios, your privacy and security is important."
Its so important that they wait 2 years later and then they tell us? thats just sad and wrong
Watch your thoughts; they become words.
Watch your words; they become actions.
Watch your actions; they become habits.
Watch your habits; they become character.
Watch your character; it becomes your destiny.
Lao-Tze
Yeah I got "the" e-mail from them last night and thought it was a spoof... I had to research it to see if it was true :-(
Honestly, the hackers can have my account. No need to reset my password. At least I'll know that the STO lifetime sub I bought would be getting some use. I still kick myself for buying that one without playing it first.
I got the email and reset my cryptic password. This is the type of thing that makes me never want to keep payment info on file with anyone which is why I usually cancel my sub as soon as I pay for some time.
Completely unaceptable that they waited one and half year to come out with it!
Even more retarded (and this pretty much shows the kind of incompetent company Cryptic really is) if it really took them one and half year to discover they had been hacked. Which would mean that hackers have been able to use this backdoor for a whole one and half year!!
/FACEPALM
The breach was the same timeframe that Atari were cutting all the staff and trying to offload them. I can imagine it was completely missed and only found when they were upgrading/intergrating with Perfect World's systems.
cryptic fails again what else is new, not this
I thought it was a phishing attempt, I mean read this:
"As a result of routine security checks and upgrades, we have discovered that certain of your account information"
certain of my account? really?
Hah I thought was phishing scam too, but when I get those emails I usually head to the official website to do my changes as oppose to email links.
You're probably right, to be honest I would be surprised if Atari's engineers even knew what they were looking at, Atari made a money grab buying Cryptic, they weren't ready for the long haul of running MMOs.
I'm not going to say Cryptic doesn't have it's problems. However, bad funding and money grabs from Atari were ruining them and I wouldn't be surprised if Atari (which isn't even original Atari anyway) didn't notice this hole in the network. Star Trek originally I thought was awful, ever since Dan Stahl took over, and later on, Perfect World started giving them a reasonable amount of funding, STO's quality has greatly improved and Neverwinter also is looking good. But yeah I would have never played STO in the state it launched in. Of course this break in doesn't annoy me any less
gmail even marked it with a phishing warning.
Watch your thoughts; they become words.
Watch your words; they become actions.
Watch your actions; they become habits.
Watch your habits; they become character.
Watch your character; it becomes your destiny.
Lao-Tze
What is unacceptable is that they retain the data for hackers to get at after you have left all of their games.
I am sorry but all account information should be deleted or at least backed up to tape whenever people have left for over a month. If you want to get back you would have to either reset your password to your email address or have them unarchive it.
I am getting sick and tired of "company you played a game with 5 years ago has still retained all your data and hackers now have your old password real name age whatever credit card you used at the time home address phone number -- blah blah blah.
If you drop the game they should have to drop the data.
Even if you never intend to, you do reuse passwords from 10 years ago -- you forget you ever used it and then one gets unknowingly recycled and bam -- you get hacked. The more often you change your passwords and the more passwords you have the more likely it is that you will one day recycle a password.
I'm shocked! No really guise I means it!
Considering this company can't even put out patches without breaking the game, never listen to feedback, and rarely fix bugs(some still around from launch), I'm not even the slightest bit surprised.
Cryptic Studios is only telling part of the truth. The breach was wider and affected other games, notably STO. It didn't only occur on one occasion but over a period of time.
Moral. Don't trust any service, change your PW often (or as often as you can stand it).
Frankly, I don't put much stock in the opinion of bigots.
If you want to be heard by an intelligent person have the decency to not use "retarded" as a pejorative. There are millions of people labeled retarded by the medical and educational fields that don't deserve your disdain. There is no shame in having a biological impairment.
However, there is shame in willful ignorance and stupidity; in denying the facts, refusing to learn, and demonstrating strong emotional opinions about things you know little about. I suggest if denigration is appropriate here, then you are a suitable candidate.
Have played: Everquest, Asheron's Call, Horizons, Everquest2, World of Warcraft, Lord of the Rings Online, Warhammer, Age of Conan, Darkfall
Honestly, the hackers can have my account. No need to reset my password. At least I'll know that the STO lifetime sub I bought would be getting some use. I still kick myself for buying that one without playing it first.
I'll take it off your hands.
Same here, have even forwarded that email to their suppor. Of course the did not respond. Just got some generalized automated response.
But what is really incredible is, yes, date of 2010.