Yet another security breach!

[.Griff.]

Just received this email..

If you try and access any Codemasters site it redirects you to their Facebook page so it must be pretty serious for them to take everything offline.

Important information regarding your account



Dear valued Codemasters customer,

On Friday 3rd June, unauthorised entry was gained to our Codemasters.com website. As soon as the intrusion was detected, we immediately took codemasters.com and associated web services offline in order to prevent any further intrusion.

During the days since the attack we have conducted a thorough investigation in order to ascertain the extent and scope of the breach and have regrettably discovered that the intruder was able to gain access to the following:

Codemasters.com website

Access to the Codemasters corporate website and sub-domains.

DiRT 3 VIP code redemption page

Access to the DiRT 3 VIP code redemption page.

The Codemasters EStore

We believe the following have been compromised: Customer names and addresses, email addresses, telephone numbers, encrypted passwords and order history. Please note that no personal payment information was stored with Codemasters as we use external payment providers, meaning your payment details were not at risk from this intrusion.

Codemasters CodeM database

Members' names, usernames, screen names, email addresses, date of birth, encrypted passwords, newsletter preferences, any biographies entered by users, details of last site activity, IP addresses and Xbox Live Gamertags are all believed to have been compromised.

Whilst we do not have confirmation that any of this data was actually downloaded onto an external device, we have to assume that, as access was gained, all of these details were compromised and/or stolen.

The Codemasters.com website will remain offline for the foreseeable future with all Codemasters.com traffic re-directed to the Codemasters Facebook page instead. A new website will launch later in the year.

Advice

For your security, in the first instance we advise you to change any passwords you have associated with other Codemasters accounts. If you use the same login information for other sites, you should change that information too. Furthermore, be extra cautious of potential scams, via email, phone, or post that ask you for personal or sensitive information. Please note that Codemasters will never ask you for any payment data such as credit card numbers or bank account details, nor will Codemasters ask you for passwords or other personal identifying data. Be aware too of fraudulent emails that may outwardly appear to be from Codemasters with links inviting you to visit websites. The safest way to visit your favourite websites is always by typing in the address manually into the address bar of your browser.

Unfortunately, Codemasters is the latest victim in on-going targeted attacks against numerous game companies. We assure you that we are doing everything within our legal means to track down the perpetrators and take action to the full extent of the law.

We apologise for this incident and regret any inconvenience caused.

We are contacting all customers who may have been affected directly.

Should you have any concerns or wish to speak to a member of our Customer Services team, please email them at custservice@codemasters.com.

[Inkblot]

That's odd - I saw mention of it on the Lord of the Rings forums but have always been able to access them without any problem. I haven't received this email yet either but that could just be down to the sheer number they need to send out.

[.Griff.]

News now filtering out to the media -

http://www.develop-online.net/news/37993/Thousands-affected-in-Codemasters-data-hack

http://www.next-gen.biz/news/codemasters-confirms-data-breach

[Inkblot]

Indeed, just seen it mentioned again on the LOTRo site, somebody has had the same email and asking if it's real - and the official answer is yes, it's real 

Ah well, another round of password changes coming up

[Niall]

Yeah I had this email this morning. I can't remember what games I have with them, or when I last used them, or even what my login is

[Simon]

Ask the hacker. 

[zappaDPJ]

 

[wecpcs]

Just received this email..

If you try and access any Codemasters site it redirects you to their Facebook page so it must be pretty serious for them to take everything offline.

I had one of those as well.

Colin

[Technical Ben]

I wonder how many non gaming sites are getting hit, but not noticing it yet?
Rik, Rik? RIIIIIK!?
Where's Rik when you need confirmation you are safe?! 

[.Griff.]

And another one -

http://kotaku.com/5810939/the-latest-victim-of-the-account-hacking-horde-is-epic-games

[Gary]

I wonder how many non gaming sites are getting hit, but not noticing it yet?
Rik, Rik? RIIIIIK!?
Where's Rik when you need confirmation you are safe?! 

Well The IMF was http://www.bbc.co.uk/news/world-us-canada-13740591 the crackers are having lots of fun it seems.

[Technical Ben]

Reminds me of a certain film that "deleted" all the debt in the world off of the worlds banks servers. 

Crashed my pc earlier, and broke my login to steam. Took me ages to remember the pass, all the while panicking in case it had been hijacked.

[Gary]

Reminds me of a certain film that "deleted" all the debt in the world off of the worlds banks servers. 

Crashed my pc earlier, and broke my login to steam. Took me ages to remember the pass, all the while panicking in case it had been hijacked.

Bit robin hood like in  cyber way, oh now I have the geek stereotype in my head but with green tights on Arghhhh!!

[Technical Ben]

Oh no, in the film they played it totally straight, you did not even know that was going to happen till the end. The rest of the film was the usual Hollywood action.

[Niall]

I'm actually wondering if Steam has been hacked. Steam itself can't connect to their servers and the forums are unreachable too. My mate in Sheffield on Zen ISP can't see them either.

[.Griff.]

I'm actually wondering if Steam has been hacked. Steam itself can't connect to their servers and the forums are unreachable too. My mate in Sheffield on Zen ISP can't see them either.

I can't login to the Steam client but I can access the Steam website if I keep refreshing the page.

Edit - http://forums.steampowered.com/forums/showthread.php?t=1928816

[Niall]

It all just came back this very minute!

[.Griff.]

Same here.

Look at their stats though - http://store.steampowered.com/stats/

3 million users online one second, next to nothing the next second.

[Niall]

I bet they'll say they were upgrading security or something.

[Niall]

http://forums.steampowered.com/forums/showthread.php?t=1928816&page=2

Looks like it was world wide. They've either taken it down without warning or got attacked. I'd say the former is more likely as it'd still be down if it was being attacked.

[pctech]

And another, BioWare this time

http://www.theregister.co.uk/2011/06/16/bioware_hack_horror/

[Simon]

[pctech]

Glad I didn't store my card details on steam when I bought Portal 2.

[.Griff.]

Minecraft, EVE Online, and League of Legends hacked

http://www.videogamer.com/news/minecraft_eve_online_and_league_of_legends_hacked.html

[Gary]

LulzSec seem to being very handy at the mo, they tweeted about talking down a CIA front page, which has now filtered into the news, not sure how true but they id have a phone number up so you could suggest your fave place for a DDos attack