Cryptic Studios Hacked, Warnings Issued
Cryptic Studios, the company behind MMORPGs like Champions Online, Star Trek Online, and the upcoming Neverwinter just posted a security notification on their site informing their customers (myself included) about a hacker breach of their database.
I also got this email just a few moments ago:
As a result of routine security checks and upgrades, we have discovered that certain of your account information, including your password, may have been accessed by an unauthorized party.
For your security, we’ve reset the password on your account. You can recover your password via the “forgot password” link on the official Star Trek Online or Champions Online web sites:
If you have used your account name and password for other accounts, especially financial accounts or accounts with personal information, you should consider changing your password on other services as well.
Apparently unauthorized access includes user account names, handles, as well as encrypted passwords. Cryptic is being cryptic on this one and doesn’t “have evidence” whether any other information was stolen, but they admit it’s possible. So, if you have an account with them, it would be wise to change your passwords, and especially make sure you never used the same password for some other service. Cryptic Studios does advise you to monitor your credit reports as parts of your credit card number may have been compromised as well, which can potentially lead to identity theft, which is an extreme pain in the ass to deal with.
What’s particularly brutal about this case is that the hacking incident happened in December 2010. That’s right, well over a year ago! Apparently they just caught up with this recently due to some improved security procedures, but something tells me that’s a load of crap: I find it unlikely that a company as big as Cryptic Studios didn’t notice someone stealing their entire user database. It may just be that they didn’t want any bad press at that time, and did not think anyone would bother decrypting user passwords (which they now did).
Either way, if you have an account with Cryptic I highly suggest you go reset your password. Now.
Posted in News
Comments are currently closed.