| Mail |

You might also like: WoW Insider, Joystiq, and more

More Sites You Might Like

Star Wars Galaxies fan site hacked, 23K passwords stolen

by Justin Olivetti on Aug 31st 2011 11:30AM

Sci-fi, News items, Star Wars Galaxies, Legal, Miscellaneous

Talk about kicking a game's community when it's down.

VentureBeat reports that Star Wars Galaxies.net, a major SWG fan site, was hacked yesterday. Star Wars Galaxies.net is part of a LucasArts fan site network, and apparently was not being actively maintained, as the last update was in June of 2009. Still, over 21,000 email addresses and 23,000 passwords were stolen -- some of which could lead to identity theft, according to authorities.

The hack was perpetrated by ObSec, a small group in the vein of LulzSec. The hackers posted the email addresses and passwords online for all to see. Analysis of the passwords found that 71% were relatively weak and easy to crack anyway.

Some Star Wars Galaxies players may see this as an unfortunate echo of the much larger Sony hack that happened earlier this year. We at Massively urge any players who have used this fan site to make sure that they change their passwords elsewhere as well.

Source: VentureBeat

Tags: emails, fan-site, fansite, fansites, hack, hacked, hackers, identity-theft, lucasarts, lulzsec, obsec, passwords, star-wars-galaxies, star-wars-galaxies.net, stolen, swg

Reader Comments (16)

This is why it is important to give every thing you sign up for its own unique and tough password.

Signed,

Captain Hindsight

@Beau Hindman Yeah, definitely make unique passwords for your most important things...(like bank accounts). Other things...I don't really. To much to remember, and writing it down kinda defeats the purpose.

Well, having been part of a fan site that has evaporated and thinking sorta along the vein of the permutations, such as this one (the game goes down or interest goes down but the fan site is still up), it is rather sobering info.

Basically, it won't last forever, including individual's interests in particular games.

And while it's part of the LucasArts network, one has to wonder about those passwords/names that may've been re-used on other sites.

Still, another sad fact has made itself clear to me: We still have a devoted portion of folks who are a splinter group of folks from a certain group that already splintered from another group...and they are still asses.

Best of the whole article was "Analysis of the passwords found that 71% were relatively weak and easy to crack anyway."

I still can't believe people use such easy passwords.

If the maintainers of the site had chosen a secure way to store the passwords there would not even be a way to find out about those 71% weak passwords...

"As far as I've been able to determine this breach seems to have happened over 3 years ago, before the forum was upgraded, though at least some of the account information stolen at the time is still valid."

3 years ago ;s

I think I'm having a slow moment.

Why? Why hack the fan site of a game that's only got a few months on it?

@Issmir

Target of opportunity probably. They take what they can get. They'd have you believe that they are so skilled they can take down anyone they want but it's really not the case at all.

@Issmir not everyone uses seperate passwords for all there things, and to troll people of course. that's a staple of the net.

Yeah, makes sense, I guess. Still not exactly the stuff of legends though, is it?

I'll just leave this here: http://strongpasswordgenerator.com/

I always use Mxyzptlk's name from Superman because it's unique and no one would ever think of typing it out.

I put this on every game I play so that way, it's always safe and secure.

People should get more creative like and use names from comics like I am so they wouldn't get hacked. I remember how to spell it without looking it up because I use it on everything, even on my Massively account.

I doubt anyone would think of it when hacking.

So-called strong passwords are of no use in the case of a website's data records being hacked. No user can legislate against that, and in those cases where passwords are actually hacked as opposed to in effect being given away by the data holder it's much more down to the sites you visit and the stuff you download than it is down to the strength of your password. Keyloggers don't differentiate between strong and weak passwords!

"Many Bothans died to bring us this information."

I'm part of the Lucasforums network that swgalaxies.net is attached to, does this mean I was also hacked, or is it just the site itself?

I wonder how long it will be before people start trying to defend them as some kind of social justice enterprise this time.

They were scumbags when they did it the first time, and guess what, they are still scumbags now.

Star Wars Galaxies fan site hacked, 23K passwords stolen

Reader Comments (16)

Posted: Aug 31st 2011 11:41AM Beau Hindman said

Posted: Aug 31st 2011 12:00PM Tizmah said

Posted: Aug 31st 2011 11:45AM Space Cobra said

Posted: Aug 31st 2011 11:47AM Caskio said

Posted: Aug 31st 2011 11:59AM MacDexter said

Posted: Aug 31st 2011 12:47PM Viiral said

Posted: Aug 31st 2011 1:37PM Issmir said

Posted: Aug 31st 2011 1:52PM chum said

Posted: Aug 31st 2011 1:55PM Acharenus said

Posted: Aug 31st 2011 3:21PM Issmir said

Posted: Aug 31st 2011 3:22PM (Unverified) said

Posted: Aug 31st 2011 4:50PM real65rcncom said

Posted: Aug 31st 2011 4:54PM Seffrid said

Posted: Aug 31st 2011 5:56PM Paradigm68 said

Posted: Aug 31st 2011 6:06PM RogueJedi86 said

Posted: Sep 1st 2011 7:26AM Quinnthalas said

Info

Description

MSRP

Release Date

Genre

Developer

Publisher

Rating

Breaking News

The Secret World launch delayed to July 3rd

Featured Stories

The Mog Log: The Legacy rewards and what they mean

The Tattered Notebook: The passing of Ribbitribbitt

The Firing Line: PlanetSide 2's Matt Higby on the MMOFPS revolution

Engadget

Joystiq

WoW

TUAW