Bethesda hacked, user accounts info compromised


But best title ever!
I'm personally not sure what exactly is going on lately, but it seems like we have another victim for the latest hacking spree: Bethesda Softworks. Recommendation being the usual: if you're registered on their forums, change your password and beware of weird emails. Here's what Bethesda's community manager, Matt Grandstaff, has to say on the Bethblog: <blockquote>Over the past weekend, a hacker group attempted an unlawful intrusion of our websites to gain access to data. We believe we have taken appropriate action to protect our data against these attacks. While no personal financial information or credit card data was obtained, the hackers may have gained access to some user names, email addresses, and/or passwords. As a precaution, we recommend that all our fans immediately change passwords on all our sites — including our community forums and the statistics site we maintain for Brink players.

If your username/email address/password is similar to what you use on other sites, we recommend changing the password at those sites as well. As we don’t know what further plans the hackers may have, we suggest that you keep an eye out for suspicious emails and account activity.

We regret any inconvenience that these attacks on us cause for you. These attacks will be evaluated to determine if there are any additional protections we might take that would be prudent.</blockquote>
He only encourages their fans to update passwords :P Thanks for the warning though

This kind of hacking sucks. To all you script kiddies out there; fuck you, and grow up.
This is getting old. Someone toss all those fuckers in prison already. All they do is victimize consumers.

goffy59 said:
Luckily I got banned before all this years ago.

Me too, but banning is not the same as deleting your info. I would speculate your info is still on there, you just can't access it. Hackers can, though.

Hope you're big on unique passwords. I know I am.
At least the forum passwords should be relatively safe. Though, I don't know how good the Invision Power board is (last time I checked, it was a pretty good board).
sea said:
A couple other forums I have accounts on, like Gearbox's, ended up getting hacked recently as well. Wonder if it's related?

This one's Lulzsec, not sure if the Gearbox one is the same hacking group but they do seem to get around a lot.
Looks like the people in charge of Beth's security are just as inept and utterly brainless as the people who make their games. Serves them right and I hope this turns out to be a real blow to their infantile gaming community. Would love to see Beth lose a lot of money and credibility over this.

We must never forgive, never forget.
sea said:
A couple other forums I have accounts on, like Gearbox's, ended up getting hacked recently as well. Wonder if it's related?

Also, Bethesda... if you guys get hacked and there is any risk of user data being compromised, could you at least send out a fucking e-mail? No? Not at all? I have to read your stupid blog to find out?

COMMUNITY. MANAGEMENT. And these assholes get paid to be outright bad at their jobs.

I'm not defending Bethesda, but...

Incoming mail: your bank account was hacked, we from "insert bank name here" urge you to click on this link and reset your password.

Sounds familiar? :roll:
Well, I was hoping they were hacking Bethesda and Zenimax because of their draconian policies on information and the dubious quality of their games, but no, they fucking like them, and yet they hacked their shit because they want Bethesda to release Skyrim a little earlier even though Bethesda makes some of the buggiest games around and doing this would probably create more bugs and glitches. Fucking script kiddies have no taste or common sense, man.
These are plain idiots that won't be in the business for long.

This reminded me about my non-existent WoW account getting hacked. I still receive e-mails from Blizzard about it. Weird.
Lexx said:
At least the forum passwords should be relatively safe. Though, I don't know how good the Invision Power board is (last time I checked, it was a pretty good board).

Most passwords can be decrypted, it's just a matter of time. Depending what version of the forum software they used the passwords could be encrypted using MD5 or SALT (I believe IPB switched methods a few releases back, MD5 is largely compromised IIRC).

I wonder what the exploit was here and if it was similar to the "basic" attack on Sony a few weeks back.
elven.... a "salt" is something you add to the data to be hashed to further hide what's being hashed.

and nobody uses md5 for anything actually requiring any kind of security.

and using md5 to hash passwords is actually considered a security vulnerability at this point.

you should be using a 256 or 512 hash.

and using a salt for a forum board msg for anything that is "common knowledge" makes using a salt irrelevant.

and md5 is considered fully compromised nowadays.
Brother None said:
This is getting old. Someone toss all those fuckers in prison already. All they do is victimize consumers.
Seriously. Why haven't they been stopped? How hard could it be to track down these people who have a website, Twitter accounts, released their own phone numbers...
verevoof said:
Brother None said:
This is getting old. Someone toss all those fuckers in prison already. All they do is victimize consumers.
Seriously. Why haven't they been stopped? How hard could it be to track down these people who have a website, Twitter accounts, released their own phone numbers...
Because about a couple hundred skiddy Anon Legionnaires will try desperately to fight for their rights to be annoying little shits on the internet if even one gets arrested.
verevoof said:
Seriously. Why haven't they been stopped? How hard could it be to track down these people who have a website, Twitter accounts, released their own phone numbers...

I think such cases are hard to put together, especially since many countries suffer under antiquated law and methodology. It's happening, and will keep happening, but it's slow.

I very much doubt the police seriously keep in mind "Anon retaliation". Though they retaliate indeed, did in the Netherlands and Spain. Fuck em, more people to throw in jail, I say.
TheWesDude said:
and nobody uses md5 for anything actually requiring any kind of security.

You would be surprised. This forum uses md5 hashed passwords. As did most of the compromised Sony websites. Md5 is probably the most common password storing method around. The mistake is that people know it's not reversible but there are extensive databases of the pre-hashed values and their md5 equivalents kicking around.

Bewitched said:
Those Lulzsec guys sound just like terrorists.

They're actually pretty amusing from a technical standpoint. To be honest, this kind of activity happens all the time, it's just getting a lot of coverage because they're showboating. I would much rather have them be hacking things for "the lulz" than have a bunch of black hats dumping databases and no one ever finding out about it.

OakTable said:
Fucking script kiddies have no taste or common sense, man.

They're not even script kiddies really. I've been reading the stuff they've been putting out. They know what they're doing, that much has been clear.
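
Added example, not part of the original thread and not any forum software's actual code: a defender-side sketch of the points raised above about unsalted MD5, salts, and databases of pre-hashed values. The usernames and passwords are constructed, and PBKDF2-HMAC-SHA256 with a per-user random salt is an assumed choice for the hardened form, not something the thread names.

```python
import hashlib
import hmac
import os

# Constructed sample data: two users happen to share a common password.
USERS = {"alice": "dragon123", "bob": "dragon123", "carol": "x9!Lq_unique"}

def md5_unsalted(password: str) -> str:
    """Legacy scheme discussed in the thread: one fast, unsalted MD5."""
    return hashlib.md5(password.encode()).hexdigest()

def build_lookup(candidates):
    """Pre-hashed table (hash -> plaintext), built once, reusable on any unsalted dump."""
    return {md5_unsalted(p): p for p in candidates}

def audit_unsalted(dump, lookup):
    """Audit a stored-hash table: which accounts fall to the precomputed table?"""
    return {user: lookup[h] for user, h in dump.items() if h in lookup}

def hash_password(password: str, iterations: int = 600_000) -> str:
    """Hardened form (assumed choice): random per-user salt plus a slow KDF."""
    salt = os.urandom(16)
    dk = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, iterations)
    return f"pbkdf2_sha256${iterations}${salt.hex()}${dk.hex()}"

def verify_password(password: str, stored: str) -> bool:
    """Recompute with the stored salt and iteration count, compare in constant time."""
    _, iterations, salt_hex, dk_hex = stored.split("$")
    dk = hashlib.pbkdf2_hmac("sha256", password.encode(),
                             bytes.fromhex(salt_hex), int(iterations))
    return hmac.compare_digest(dk.hex(), dk_hex)

if __name__ == "__main__":
    legacy_dump = {u: md5_unsalted(p) for u, p in USERS.items()}
    # Same password -> same unsalted hash, so one table entry exposes both users.
    print("identical hashes:", legacy_dump["alice"] == legacy_dump["bob"])
    table = build_lookup(["password", "123456", "dragon123"])  # constructed list
    print("recovered by lookup:", audit_unsalted(legacy_dump, table))
    # Salted records differ even for the same password, so no shared table applies.
    a, b = hash_password("dragon123"), hash_password("dragon123")
    print("salted records differ:", a != b, "| verifies:", verify_password("dragon123", a))
```

The random salt makes every stored record unique, and the iteration count makes each guess expensive; a salt on its own only defeats the shared table, not fast guessing.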