Tag: server breach

I Love A Good Conspiracy Theory: LOTRO Forums Hacked?


Nothing says loving like a hot conspiracy bun in the oven, I always say. If you use the Lord of the Rings or Dungeons and Dragons forums, you’ve likely noticed that Turbine has taken them down due to an unspecified issue:

We have identified a potential issue in the forum system.  As a precautionary measure we have disabled our forums while we investigate.  We will bring the forums back online when we complete our work.  We thank you for your patience.

In all honesty, and given the unseen amount of people who work to crack forum software, this will likely turn into a vulnerability issue. If my assumption is correct, they wouldn’t be the first forum knocked out today (my favorites list shows three fan sites down due to a breach of security). But the important thing is that Turbine is able to do damage control and get the forums back into a working state. Tweakers.net is reporting that the servers have indeed been breached, via SQL injection, although there has been no confirmation from Turbine. Reportedly this issue stems from some poorly assembled coding used to transition Codemasters customers over to Turbine’s service.

While the Turbine forums are down, why not browse the third party forums and take in the conspiracy theorists?

I found it amusing that just after they added the thread saying they want to hire new developers that the forums mysteriously were brought off line

I love the idea of the ex-employee happening to be a skilled and vengeful hacker. It’s like a murder-revenge story, but suitably nerdy.

Square Enix’s Servers Breached:


Personal data compromised...

Dear valued FINAL FANTASY XI/TETRAMASTER player:

Square Enix is committed to protecting your user information. We have just been alerted to a potential breach of Square Enix’s secure systems from an external source. This may have resulted in the disclosure of a limited number of PlayOnline IDs, passwords and user account data. Please be assured that your credit card data has not been compromised. We are taking this matter very seriously and are conducting a full investigation.

As a precaution we are notifying you of this potential breach and we are resetting your PlayOnline password.

Please contact our Support Center by web chat and obtain a new password that differs from your prior password. Please keep this new password safe and always be on the alert for any “phishing” emails that ask you to disclose personal or financial information.

Support Center
http://support.na.square-enix.com/jump/chat2/
Hours of Operation: Mon-Fri 9:00AM to 6:00PM
*This week only, the Support Center will handle calls for this issue on Saturday June 5, and Sunday June 6.
*Please note that due to a large number of calls, it may take a long time until your call is handled. We apologize for the inconvenience this may cause.

Again, we apologize for this inconvenience and we thank you for your continued support.

I’m not going to say I doubt Square Enix’s word when they say that credit card information has not been compromised, but if you do subscribe to Final Fantasy XI, or have in the past, you should keep a very close eye on your credit card for the next few months, and possibly remove it from your account information if you are unsubscribed. Current subscribers should consider switching over to a pay-by-card method. Better to be safe than sorry.

I say this because no game company’s lawyers would ever allow them to admit that credit card information might have been stolen if there is no existing evidence of it. To do so would incite panic and lawsuits that the company neither needs or can afford, especially in a time where information is so sparse and various IT teams are scrambling to plug holes.

To say Square Enix will be ruined by this, as a few trolls are, is overkill. To say that there won’t be backlash and a heavy amount of distrust between company and fanbase is disingenuous. Luckily Final Fantasy XI has a long history of keeping account information safe, so perhaps this will be shrugged off as a one time incident that didn’t result in any real harm.

Square Enix has been sending the above email to affected players, and reports indicate that a few players have had their passwords reset by Square. More on the account breach as it appears.

Square Enix's Servers Breached:


Personal data compromised...

Dear valued FINAL FANTASY XI/TETRAMASTER player:

Square Enix is committed to protecting your user information. We have just been alerted to a potential breach of Square Enix’s secure systems from an external source. This may have resulted in the disclosure of a limited number of PlayOnline IDs, passwords and user account data. Please be assured that your credit card data has not been compromised. We are taking this matter very seriously and are conducting a full investigation.

As a precaution we are notifying you of this potential breach and we are resetting your PlayOnline password.

Please contact our Support Center by web chat and obtain a new password that differs from your prior password. Please keep this new password safe and always be on the alert for any “phishing” emails that ask you to disclose personal or financial information.

Support Center
http://support.na.square-enix.com/jump/chat2/
Hours of Operation: Mon-Fri 9:00AM to 6:00PM
*This week only, the Support Center will handle calls for this issue on Saturday June 5, and Sunday June 6.
*Please note that due to a large number of calls, it may take a long time until your call is handled. We apologize for the inconvenience this may cause.

Again, we apologize for this inconvenience and we thank you for your continued support.

I’m not going to say I doubt Square Enix’s word when they say that credit card information has not been compromised, but if you do subscribe to Final Fantasy XI, or have in the past, you should keep a very close eye on your credit card for the next few months, and possibly remove it from your account information if you are unsubscribed. Current subscribers should consider switching over to a pay-by-card method. Better to be safe than sorry.

I say this because no game company’s lawyers would ever allow them to admit that credit card information might have been stolen if there is no existing evidence of it. To do so would incite panic and lawsuits that the company neither needs or can afford, especially in a time where information is so sparse and various IT teams are scrambling to plug holes.

To say Square Enix will be ruined by this, as a few trolls are, is overkill. To say that there won’t be backlash and a heavy amount of distrust between company and fanbase is disingenuous. Luckily Final Fantasy XI has a long history of keeping account information safe, so perhaps this will be shrugged off as a one time incident that didn’t result in any real harm.

Square Enix has been sending the above email to affected players, and reports indicate that a few players have had their passwords reset by Square. More on the account breach as it appears.