Massively

Hacking ring infiltrates Trion, Nexon, and Neowiz game servers

Jef Reahard — Fri, 12 Apr 2013 17:00:00 EST

A China-based hacking ring has infiltrated servers belonging to "dozens of online video gaming companies and stolen valuable source code over a four-year period," according to The Sydney Morning Herald.

The newspaper's website says that Neowiz, Mgame, Nexon, and Trion are among the companies affected. Moscow-based security firm Kaspersky Lab is conducting an ongoing investigation into the hacking ring's activities, but has not been given full access to infected servers. Some game companies reported the presence of malicious software which suggests that the hackers manipulated virtual currencies, according to the Herald.

The group, named Winnti by Kaspersky, began its current campaign in 2009 and is still active today. The Herald reports that Neowiz "did not respond to requests for comment, while Trion and Nexon declined to comment. Mgame said it had no immediate comment."

Hacking ring infiltrates Trion, Nexon, and Neowiz game servers originally appeared on Massively on Fri, 12 Apr 2013 17:00:00 EST. Please see our terms for use of feeds.

Permalink | Email this | Comments

Heroes of Newerth gets hax0red

Elisabeth Cardy — Mon, 17 Dec 2012 17:30:00 EST

Filed under: Fantasy, Events (In-Game), New Titles, MOBA

It's that special time again -- you know the one we're talking about. The time for all of us to think about our behavior and see how we measure up. It's not Santa that's come to town; it's a security breach! Heroes of Newerth's database has been infiltrated, giving someone access to account and login information.

According to an announcement on the game's login page, players are "encouraged to change any passwords that were shared with [their] Heroes of Newerth account" and to not change their HoN password at this time.

As everybody does at every single security breach, we'd like to reiterate the importance of using strong and unique -- more unique than strong, if you've got to pick between them -- passwords for all of your accounts. Password managers are your friends.

Heroes of Newerth gets hax0red originally appeared on Massively on Mon, 17 Dec 2012 17:30:00 EST. Please see our terms for use of feeds.

Permalink | Email this | Comments

Rumor: Origin hacked, EA denies intrusion [Updated]

Justin Olivetti — Wed, 14 Nov 2012 14:30:00 EST

Filed under: Ultima Online, Legal, Rumors, Star Wars: The Old Republic, Miscellaneous

If you have created an EA Origin account for any reason, such as for Star Wars: The Old Republic or Ultima Online, we advise you to change your password posthaste. Numerous sites are reporting that hackers have breached Origin's security and are potentially modifying account information and stealing it.

Allegedly affected players claim that the hackers are changing the log-in emails associated with their accounts and that the new email addresses have a Russian suffix.

In response to a question about whether any accounts were compromised by hacking, an EA spokesperson made the following statement: "At this point, we have no reason to believe there has been any intrusion into our Origin database."

EA has updated us with its full security statement:

Anytime a player has a question about the security of his or her account or personal data, we take it very seriously and take all possible steps to help. For any customer who cannot access their Origin account for any reason, we ask them to please contact Origin Help or EA's customer experience group at help.ea.com. The robust security measures in place to protect Origin users accounts are constantly being expanded and upgraded, and we also strongly recommend customers take the protective steps of using strong passwords and changing passwords often.

Rumor: Origin hacked, EA denies intrusion [Updated] originally appeared on Massively on Wed, 14 Nov 2012 14:30:00 EST. Please see our terms for use of feeds.

Permalink | Email this | Comments

Security breached in PlaySpan hack, multiple games affected [Updated]

MJ Guthrie — Wed, 10 Oct 2012 11:00:00 EST

Filed under: Business Models, MMO Industry, News Items

Some MMORPGs have been affected by a security breach at PlaySpan. User IDs, encrypted passwords, and email addresses for the players of multiple unconfirmed MMOs have been compromised, according to Develop.

Upon detecting the breach, PlaySpan locked all accounts and closed the PlaySpan Marketplace. The company is asking users to reset their passwords while the firm investigates the hack; it also encourages folks urges folks to reset passwords on other websites as a precaution.

A PlaySpan spokesperson stated, "We sincerely apologize for any frustration or inconvenience this incident has caused our customers. We know PlaySpan's business depends on consumer trust. Security is a top priority for us, and we are redoubling our efforts to strengthen PlaySpan's overall system security."

[Thanks to Chris for the tip!]

[Update: We've removed EVE Online, Guild Wars, and RuneScape from the list of compromised games as they were not affected as Develop originally reported. CCP has released a statement denying that it shares customer information with PlaySpan; ArenaNet has likewise posted that it does not use PlaySpan for its games. Turbine has likewise confirmed that contrary to rumor, "Turbine game accounts are not connected to the Playspan Marketplace".]

Security breached in PlaySpan hack, multiple games affected [Updated] originally appeared on Massively on Wed, 10 Oct 2012 11:00:00 EST. Please see our terms for use of feeds.

Permalink | Email this | Comments

Blizzard internal network hacked, some Battle.net account details compromised

Brianna Royce — Thu, 09 Aug 2012 18:50:00 EST

Filed under: World of Warcraft, Fantasy, MMO Industry, News Items

Blizzard Entertainment has just posted an "important security update" to its official site. The studio responsible for World of Warcraft, Diablo III, and StarCraft revealed that its security team "found an unauthorized and illegal access" into Blizzard's internal network.

While Blizzard president Mike Morhaime explains that no financial data (like credit card details, real names, and billing addresses) were compromised as a result of the security breach, he does admit that emails, answers to security questions, and encrypted Battle.net passwords of North American players (and others outside of China) were accessed.

"Based on what we currently know, this information alone is NOT enough for anyone to gain access to Battle.net accounts," wrote Morhaime, but the company is still investigating the breach and recommends that all players change their passwords "as a precaution."

Blizzard internal network hacked, some Battle.net account details compromised originally appeared on Massively on Thu, 09 Aug 2012 18:50:00 EST. Please see our terms for use of feeds.

Permalink | Email this | Comments

Eight million gamigo user accounts compromised

Jef Reahard — Mon, 23 Jul 2012 15:15:00 EST

Filed under: MMO Industry, News Items, Free-to-Play, Miscellaneous

Last March we told you about an attack on free-to-play publisher gamigo's account services. Today The Verge reports that the security leak has resulted in the credentials of over eight million users being posted on a password-cracking website.

Steve Thomas, founder of a hacking alert service called PwnedList, says the gamigo breach is "the largest leak I've ever actually seen."

Compromised data include usernames, passwords, and email addresses. Users who held gamigo accounts prior to March 2012 are being encouraged to change their credentials.

Eight million gamigo user accounts compromised originally appeared on Massively on Mon, 23 Jul 2012 15:15:00 EST. Please see our terms for use of feeds.

Permalink | Email this | Comments

F2P publisher gamigo's account services offline after hack [Updated]

Jef Reahard — Thu, 01 Mar 2012 10:30:00 EST

Filed under: MMO Industry, News Items, Free-to-Play, Miscellaneous

If you're a fan of gamigo's free-to-play MMO library, you may have run into some trouble accessing your account info as of yesterday. The company "detected an illegal intrusion into [its] gamigo account system," according to an official post on the Jagged Alliance forums.

The hack resulted in a temporary cessation of registration, account management, and payment services. The company says that while the game servers are still up and running, "the gAS services might be down for a while." gamigo also says that it encrypts passwords and that "no access to account names and other data is confirmed."

[Thanks for the tip, Tim!]

[Update: gamigo has now posted a letter to its website discussing the intrusion and recommending steps players should take to reset passwords and secure their accounts.]

F2P publisher gamigo's account services offline after hack [Updated] originally appeared on Massively on Thu, 01 Mar 2012 10:30:00 EST. Please see our terms for use of feeds.

Permalink | Email this | Comments

Mortal Online hacked, Star Vault encourages users to verify accounts

Jef Reahard — Mon, 20 Feb 2012 13:00:00 EST

Filed under: Fantasy, MMO Industry, News Items, Mortal Online, Sandbox

If you've got an active Mortal Onlne account, you may want to think seriously about changing your password. A new post on the sandbox title's forum describes a security breach that led to the destruction of in-game assets and account status changes. The intrusion has since been contained, according to a Star Vault GM, and "additional security is in place."

The company says that customer payment information was not affected, but users are encouraged to verify their account status and passwords anyway.

As to the breach itself, details are understandably scarce, but Star Vault does say that a member of the GM staff had his account compromised and his details used to carry out the aforementioned mischief.

[Thanks to slapshot1188 for the tip!]

Mortal Online hacked, Star Vault encourages users to verify accounts originally appeared on Massively on Mon, 20 Feb 2012 13:00:00 EST. Please see our terms for use of feeds.

Permalink | Email this | Comments

Trion Worlds customer database hacked, 'no evidence' credit card info stolen

Justin Olivetti — Thu, 22 Dec 2011 22:00:00 EST

Filed under: Fantasy, MMO Industry, Legal, RIFT, Miscellaneous

Trion Worlds has become the latest in a long string of MMO studio security breaches this year, as the company reported an intrusion into its customer database. At risk of compromise were customers' user names, passwords, birthdates, email and billing addresses, and partial credit card info. However, the company states that "there is no evidence" that full credit card numbers were stolen at this time.

In a message posted on the Trion Worlds website, the company promises that it is both researching the intrusion and taking steps to increase security. As part of this, all RIFT players will be asked to change passwords and security questions, and their mobile authenticators will need to be reconnected.

The company urges customers to watch their bank statements for questionable activity, and provides customers with resources to get a free credit report and putting a freeze on credit reports.

To compensate customers for the issue, Trion is providing all RIFT players with three extra days of gaming time and a Moneybags' Purse that increases all money looted by 10% in-game.

[Thanks to everyone who sent this in!]

Trion Worlds customer database hacked, 'no evidence' credit card info stolen originally appeared on Massively on Thu, 22 Dec 2011 22:00:00 EST. Please see our terms for use of feeds.

Permalink | Email this | Comments

Square-Enix says no user info stolen during security breach

Justin Olivetti — Wed, 21 Dec 2011 09:00:00 EST

Filed under: Final Fantasy XI, MMO Industry, Legal, Final Fantasy XIV, Miscellaneous

A week ago we reported that Square-Enix's Members site, a loyalty program for fans of the studio's games, suffered an unwarranted intrusion and was subsequently taken offline as the company conducted an investigation. It turns out that the best possible outcome of this investigation has occurred, as no personal information was stolen. Subsequently, the company plans to bring its Japanese and North American websites back online by the end of the month.

Square-Enix posted the following notice as an update:

As a result of our continuing investigation, we have now confirmed that the database in which we store personal information was NOT accessed during the recent server intrusion. Therefore, your personal information was NOT compromised by an unknown third party.

Square-Enix is planning to restart the Square Enix Members service by the end of December. Details of the schedule will be announced at a later date.

We deeply regret any inconvenience this may have caused our customers and fans, and appreciate your patience.

Square-Enix says no user info stolen during security breach originally appeared on Massively on Wed, 21 Dec 2011 09:00:00 EST. Please see our terms for use of feeds.

Permalink | Email this | Comments

MapleStory breached, 13 million accounts exposed

Justin Olivetti — Sat, 26 Nov 2011 18:00:00 EST

Filed under: Fantasy, MapleStory, MMO Industry, Free-to-Play, Legal

The famously hacked Sony has a sympathetic shoulder this week, as Nexon recently discovered a massive breach that's exposed over 13 million MapleStory player accounts to cyber ne'er-do-wells. Discovered this past Thursday, the breach was solely limited to South Korea, as Nexon hosts separate countries on their own servers.

This means that any South Korean MapleStory player's information is at risk, including user IDs, names, passwords, and residential registration numbers. This information could potentially be stolen and used for a variety of crimes.

While there's been no word whether actual personal information has been stolen, Nexon nevertheless urged these 13+ million subscribers to change their passwords. The company has contacted the police to ask for a formal investigation.

This comes at an unfortunate time for the company, as Nexon is poised to present its IPO on the Tokyo Stock Exchange in December.

MapleStory breached, 13 million accounts exposed originally appeared on Massively on Sat, 26 Nov 2011 18:00:00 EST. Please see our terms for use of feeds.

Permalink | Email this | Comments

Valve's Steam forum security compromised

Jef Reahard — Mon, 07 Nov 2011 17:00:00 EST

Filed under: MMO Industry, News Items, Miscellaneous

Valve is the latest gaming company to suffer a security breach during the hackathon that is the year 2011. What's that got to do with MMOs, you say? Well, the company's Steam digital download service offers access to a ton of our favorite virtual worlds, and it has thus far seemed relatively secure.

Kotaku reports that the Steam forums were hacked last night, with the paper trail leading to a cracker website known as Fknowned.com. The gentlemen in question are of course denying all responsibility for the mischief, and thus far Valve has offered no comment on the situation. It's worth noting that the Steam forum account info is separate from the actual Steam service account info, but it's also likely that some users employ identical sets of credentials. We'll keep you posted as we learn more.

Valve's Steam forum security compromised originally appeared on Massively on Mon, 07 Nov 2011 17:00:00 EST. Please see our terms for use of feeds.

Permalink | Email this | Comments

SOE's John Smedley weighs in on the recent hacks

Jef Reahard — Fri, 14 Oct 2011 18:30:00 EST

Filed under: Events (Real-World), Interviews, MMO Industry, News Items, Miscellaneous

You'd think putting the words Sony and hack together in the same sentence would give John Smedley a minor heart attack. Not so, according to a GameSpot writer who spoke with Sony Online Entertainment's CEO at the recent GDC Austin event.

Unlike the lengthy service outage that cost the company some credibility (and millions of dollars) earlier this year, the latest attempted security breach was neither widespread nor particularly effective, according to Smedley. It's also likely that the problem didn't stem from compromised Sony network data. "We've said publicly when we were compromised before that the information is out there and could have been used. That was obviously the first thing we looked at. Then we did the mathematical analysis and said 'obviously that's not what happened.' I'm not going to say it's impossible [{that}the info came from Sony]. We just think that's not the most likely case," Smedley explained.

SOE's John Smedley weighs in on the recent hacks originally appeared on Massively on Fri, 14 Oct 2011 18:30:00 EST. Please see our terms for use of feeds.

Permalink | Email this | Comments

Turbine forums down, security breach rumors rampant

Matt Daniel — Wed, 12 Oct 2011 16:30:00 EST

Filed under: Fantasy, Lord of the Rings Online, News Items, Free-to-Play, Rumors

A Casual Stroll to Mordor reports that Turbine has brought down the Lord of the Rings Online official forums due to a "potential issue in the forum system." But of course, in the MMO world, you can't just bring forums down without starting a few conspiracy theories.

Rumors abound that the forum outage may be linked to some sort of security breach. Of course, we repeat, and please do listen when we say, this is only a rumor and in no way has it been verified. If and when it is verified or dismissed, we promise to let you know. Until then, please remain calm and carry on. That is all.

Turbine forums down, security breach rumors rampant originally appeared on Massively on Wed, 12 Oct 2011 16:30:00 EST. Please see our terms for use of feeds.

Permalink | Email this | Comments

Codemasters website, store, and database hacked

Jef Reahard — Fri, 10 Jun 2011 12:00:00 EST

Filed under: Culture, MMO Industry, News Items, Miscellaneous

Another day, another game publisher in a hacker's crosshairs. This time around it's Codemasters, and Eurogamer has the details on a security violation that compromised the company's website, EStore, CodeM database, and Dirt3 VIP code redemption webpage. The intrusion occurred on June 3rd, and Codemasters has sent out a letter to affected customers advising of the potential threat to their identity-related information.

The article reports that no payment details or credit card info was pilfered, but encrypted passwords as well as Xbox Live gamer tags and personal data (including addresses and user names) were taken. Thus far no groups or individuals have claimed responsibility for the attack. You can read the full Codemasters letter at Eurogamer.

Codemasters website, store, and database hacked originally appeared on Massively on Fri, 10 Jun 2011 12:00:00 EST. Please see our terms for use of feeds.

Permalink | Email this | Comments

SOE begins restoring game services

Jef Reahard — Sat, 14 May 2011 20:10:00 EST

Filed under: MMO Industry, News Items, Miscellaneous

Sony Online Entertainment has good news for fans of its dormant MMORPGs. Service restoration has officially begun for all of the company's online games, forums, and related websites as of May 14th. Earlier today, the company issued a press release with the details as well as a statement from Sony executive Kazuo Hirai.

"Our main priority is the safety and security of our customers' personal information. We are making consumer data protection a full-time, company-wide commitment, and have applied enhanced security technologies so that our customers can feel protected and confident about playing our games," Hirai said.

SOE provided details on its Welcome Back promotion earlier this week, and today's release provides links to a handy chart covering promotions for all of the company's games as well as a summary of the initial customer service notice and contact information. The promotions include free play time for former (not just active) subscribers to SOE's MMOs, making it a great time to return to an old favorite.

SOE begins restoring game services originally appeared on Massively on Sat, 14 May 2011 20:10:00 EST. Please see our terms for use of feeds.

Permalink | Email this | Comments

Sony aiming for May 31st PSN service restoration [Updated]

Jef Reahard — Mon, 09 May 2011 10:00:00 EST

Filed under: Fantasy, Super-hero, EverQuest II, MMO Industry, News Items, Consoles, Free Realms, DC Universe Online, EverQuest Next, Miscellaneous

Sony's network security woes continued over the weekend, and the light at the end of the tunnel still seems like a distant pin prick for the embattled gaming giant and its displaced customers. Bloomberg reports that Sony spokesman Shigenori Yoshida indicated the company plans to restart Playstation Network services by May 31st, which would bring the total downtime to a whopping 41 days.

Nick Caplin, head of communications for Sony Computer Entertainment Europe, posted an update to the European PlayStation blog hinting at the reasons for a longer delay. "We expected to have the services online within a week. We were unaware of the extent of the attack on Sony Online Entertainment servers, and we are taking this opportunity to conduct further testing of the incredibly complex system," he wrote.

While the PS3 versions of both Free Realms and DC Universe Online fall under the PSN umbrella, no word has been forthcoming as to a restart date for the rest of SOE's MMO stable, which includes the PC versions of the aforementioned titles as well as EverQuest and EverQuest II.

[Update: CNET is reporting that Sony is considering a reward for information leading to the capture of the hackers. Meanwhile, Sony is apparently contesting reports about the May 31st date, suggesting no such hard deadline for PSN resumption exists.]

Sony aiming for May 31st PSN service restoration [Updated] originally appeared on Massively on Mon, 09 May 2011 10:00:00 EST. Please see our terms for use of feeds.

Permalink | Email this | Comments

Sony executive to address media regarding PlayStation Network debacle

Jef Reahard — Sat, 30 Apr 2011 18:00:00 EST

Filed under: Events (Real-World), MMO Industry, News Items, Miscellaneous

If you're curious what Sony higher-ups have to say about the recent PlayStation Network security debacle, you'll want to check out Kazuo Hirai's remarks to the media at 2:00 p.m. Sunday in Tokyo (1:00 a.m. EDT). Hirai, Sony Corp's executive deputy president, is expected to field questions from journalists as well as use his considerable PR skills to put a positive spin on the situation and its aftermath.

Much is at stake for the global entertainment giant, including possible legal actions resulting from the compromise of 77 million user accounts (and the company's delayed response and acknowledgment of the problem well after the fact). It's a big moment for Hirai as well; the executive is considered the front-runner in the race to supplant current Sony president Howard Stringer -- who has "been vague about his plans from the next financial year that starts in April 2012" according to Reuters.

Sony executive to address media regarding PlayStation Network debacle originally appeared on Massively on Sat, 30 Apr 2011 18:00:00 EST. Please see our terms for use of feeds.

Permalink | Email this | Comments

City of Heroes offers a reminder on account security

Eliot Lefebvre — Wed, 06 Jan 2010 20:00:00 EST

Filed under: Super-hero, City of Heroes, Culture, Exploits, Rumors

NCsoft hasn't been having an easy start to the year, at least not in the eyes of security-minded players. The entire Guild Wars security question recently came to a head with suspicions and accusations that the flaw was something wrong with NCsoft's account management, a black eye if ever there was one. Of course, that raises questions about not just Guild Wars, but any game under the company's aegis, which includes City of Heroes. So it should come as little surprise that a reminder about account security has recently been posted on the official site.

The reminder itself is fairly standard boilerplate, reminding everyone to avoid giving out their account information to any other players, only log in from secure locations, and so forth. It also addresses the issue at hand in a roundabout fashion, mentioning that they found no malicious workarounds after investigating "current claims." However, the very next line mentions that they have added more robust logging and security procedures, which can lead to the obvious conspiracy theories. With fewer items to be traded than many other games, City of Heroes has a smidge more built-in security -- but a little extra reminder and caution never hurts.

City of Heroes offers a reminder on account security originally appeared on Massively on Wed, 06 Jan 2010 20:00:00 EST. Please see our terms for use of feeds.

Read | Permalink | Email this | Comments

Potential smoking gun found for Guild Wars security issues

Eliot Lefebvre — Sat, 02 Jan 2010 10:00:00 EST

Filed under: Fantasy, Guild Wars, Exploits, News Items, Rumors

It started as a surprise. Guild Wars players reported suddenly finding themselves hacked, their accounts cleaned out, no indication of what could have caused the problem. NCsoft and ArenaNet offered suggestions, security safeguards, new measures being taken, hints that the problem lay in a popular third-party website with an undisclosed name. But with the recent rash of problems that Aion players have been having regarding security, new facts have begun coming to light, and they paint a picture that isn't pretty.

Specifically, some players seem to be finding that it doesn't take any skill to wind up hacking someone's account accidentally. And all it takes is a few log-in attempts to find yourself with access to someone's account name, password, and billing information for all of a player's NCsoft games.

Continue reading Potential smoking gun found for Guild Wars security issues

Potential smoking gun found for Guild Wars security issues originally appeared on Massively on Sat, 02 Jan 2010 10:00:00 EST. Please see our terms for use of feeds.

Read | Permalink | Email this | Comments