| Mail |
You might also like: WoW Insider, Joystiq, and more

Reader Comments (61)

Posted: Dec 22nd 2011 10:05PM Lockisezmode said

  • 2 hearts
  • Report
This really sucks since the passwords are the only data that was encrypted. The real question will be how long until customers realize how bad this is. Paypal for the win.

Posted: Dec 22nd 2011 10:36PM kevinrahl said

  • 2 hearts
  • Report
@Lockisezmode Yeah Paypal or a prepaid credit card. Seriously I never understand why some people actually use a card attached to their bank account this day and age. There is no reason for it when you have so many options.
Reply

Posted: Dec 23rd 2011 12:41PM LeBouc said

  • 2 hearts
  • Report
@kevinrahl

Doesn't your solution just concentrate all your financial/personal information into 1 place i.e. Paypal, until the day Paypal gets hacked?

Reply

Posted: Dec 22nd 2011 10:13PM CalebG said

  • 3 hearts
  • Report
Am I the only one wondering if the hackers would be nice and send me a birthday present to my address on my birthday?

Posted: Dec 22nd 2011 10:14PM NeverDeath said

  • 1 heart
  • Report
Also sorry for double post, but at least they're trying to compensate in some way.

Posted: Dec 22nd 2011 10:36PM (Unverified) said

  • 2 hearts
  • Report
Here we go again.

The SOE hackage was a PITA, now I have to go through the whole 'new credit card number' thing again. again.

(Oh...and SOE had better compensation)

Posted: Dec 22nd 2011 10:40PM OrangeGamer said

  • 2 hearts
  • Report
Oh boy, 3 extra days of gametime for a game I no longer play.:/

Then again, the security was crap. You didn't even need to authenticate to get to credit card info.

Just facepalms all around.

Posted: Dec 22nd 2011 11:57PM yeppers said

  • 3 hearts
  • Report
@OrangeGamer

Yeah that's what, $1.50 if you're still subscribing? Companies need to be held more accountable for this kind of loss of data. They need as much incentive as possible to have the highest level of security.

The tough part is knowing which companies are left who have my credit card stored and finding a way to have it removed. Add to that to never store it on a website again.
Reply

Posted: Dec 23rd 2011 1:17PM PhelimReagh said

  • 2 hearts
  • Report
@yeppers
I worked for an insurance company, and it was industry-wide practice that if this kind of thing happened, every person who's information was hacked was notified, in writing and via email, and offered 1 year's credit watching, which was about $20 per customer.

It created strong incentives to ensure good security, especially if you had millions of customers. Yet if hackers steal the same information from an MMO and you get... nothing.
Reply

Posted: Dec 24th 2011 11:22PM OrangeGamer said

  • 2 hearts
  • Report
@yeppers Yeah, these exploits and hacks and leaks have exploded this year. I sympathize with not wanting to use CC info. Luckily, in my household we had Paypal on our Rift subscription payment method, but I removed that for posterity.

I'm personally going to start using the gift card Visas if I absolutely need a credit card to do something online.
Reply

Posted: Dec 22nd 2011 11:13PM jimr9999us said

  • 2.5 hearts
  • Report
Wow, didn't take much time after Rift entered Russia for the s*** to hit the fan.

Really bad timing for Trion, right after swtor released. Now pardon me while I go tell my wife our debit card info was stolen.

Posted: Dec 22nd 2011 11:55PM Dblade said

  • 2 hearts
  • Report
@jimr9999us I know, right?I don't even know why people bother with the russian market given the wild west atmosphere it is out there.
Reply

Posted: Dec 23rd 2011 12:17AM ImperialPanda said

  • 2 hearts
  • Report
@jimr9999us

If someone steals your credit card info, as long as you pay attention to your statements all you'll get is a bit of extra work. If someone steals your debit card info, you can actually lose money.
Reply

Posted: Dec 22nd 2011 11:14PM JohnD212 said

  • 2.5 hearts
  • Report
When is there going to finally be punishment for letting this stuff happen. I mean how can we, as consumers, feel confident giving our credit card information and personal information to these companies if they are so easily hacked. I hope there is eventually more punishment and penalties to these companies for not taking better precautions. I mean how do we know how secure they are? We don't and yet they require us to provide so much detail.

Posted: Dec 23rd 2011 12:22AM ImperialPanda said

  • 2 hearts
  • Report
@JohnD212

It's impossible to keep something completely secure. The only thing companies can do is make it more difficult to hack into their servers.

You can simply choose not to play Rift. Or to not use your credit card online. Or not use a credit card ever.
Reply

Posted: Dec 22nd 2011 11:15PM Felnor said

  • 2 hearts
  • Report
No excuse. There is no damn excuse for this crap. Anyone who is in the business of handling our CC information let alone other sensitive information needs to get their crap together. You see a company get hit? DO A F****** REVIEW OF YOUR POLICIES!!!!


Posted: Dec 22nd 2011 11:47PM Joshua Przygocki said

  • Half a heart
  • Report
@Felnor
You know the risk. Anyone is vulnerable, any company is vulnerable. It isn't their fault you gave them your credit card info.
Reply

Posted: Dec 23rd 2011 2:44AM aurickle said

  • 2 hearts
  • Report
@Joshua Przygocki
People like Felnor don't really understand the realities of this topic.

First, let's say a company hires a dozen people who's full-time job is data security. That's actually optimistic, since most IT people do more than one type of task and most companies don't have an IT staff that big. But I'll be generous. The truth is that if the company has any kind of customer base there are going to be dozens of people trying to beat that security. The good guys are always outnumbered.

Second, IT security is by its very nature more reactive than proactive. You can't build a system without vulnerabilities for the same reason you can't program an MMO without bugs. If you're in charge of security you are spending most of your time finding out what the bad guys have been doing recently and then finding ways to prevent your systems from being hit in that manner. In other words, the bad guys are always a step ahead.

Felnor, you might also argue that by living in a gated community with a security staff you should expect to be protected from having your house burglarized. Good luck with that. If your neighborhood is in a high crime area it doesn't matter how good the community's security might be. You'll still be wise to have a security system in your house and possibly other measures like a panic room. The same principle applies here because let's face it: MMO's have become an extremely high crime community. You simply cannot expect the company to be invulnerable. That kind of security does not exist.
Reply

Posted: Dec 23rd 2011 8:08AM Felnor said

  • 2 hearts
  • Report
@aurickle - Actually I've worked in a couple of companies that did reviews of security processes and procedures quite often and this is dealing with Credit Card information and other private information, SSN, etc...
My point is that any company that sees another company get hit, make sure you are prepared.
Reply

Posted: Dec 22nd 2011 11:24PM Alarie said

  • 2.5 hearts
  • Report
Wow Timecards are looking better and better every single day.

Featured Stories

Engadget

Engadget

Joystiq

Joystiq

WoW Insider

WoW

TUAW

TUAW