Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!

Champions Online: 'Unauthorized Access' Revealed

SBFordSBFord Former Associate EditorMember LegendaryPosts: 33,129

The Cryptic Studios page has been updated with the announcement that its servers have been the victim of what the press release calls 'unauthorized access'. More troubling is the further announcement that the attacks began in December of 2010 and resulted in user account names, handles, and encrypted passwords for those accounts being made accessible to the intruders.

The unauthorized access included user account names, handles, and encrypted passwords for those accounts. Even though the passwords were encrypted, it is apparent that the intruder has been able to crack some portion of the passwords in this database. All accounts that we believe were present in the database have had the passwords reset, and customers registered to these accounts have been notified via e-mail of this incident.

Read the full report on the Cryptic Studios page.

image


¯\_(ツ)_/¯ 


Comments

  • Four0SixFour0Six Member UncommonPosts: 1,175

    ouch

  • RemyVorenderRemyVorender Member RarePosts: 3,991

    /facepalm

    Joined - July 2004

  • KenzeKenze Member UncommonPosts: 1,217

    "At Cryptic Studios, your privacy and security is important."

    Its so important that they wait 2 years later and then they tell us?  thats just sad and wrong


    Watch your thoughts; they become words.
    Watch your words; they become actions.
    Watch your actions; they become habits.
    Watch your habits; they become character.
    Watch your character; it becomes your destiny.
    —Lao-Tze

  • Scott_JeslisScott_Jeslis Member RarePosts: 627

    Yeah I got "the" e-mail from them last night and thought it was a spoof... I had to research it to see if it was true :-(

  • staranstaran Member UncommonPosts: 87
    There is a cstore fix for it
  • TalonsinTalonsin Member EpicPosts: 3,619

    Honestly, the hackers can have my account.  No need to reset my password.  At least I'll know that the STO lifetime sub I bought would be getting some use.  I still kick myself for buying that one without playing it first.



     

    "Sean (Murray) saying MP will be in the game is not remotely close to evidence that at the point of purchase people thought there was MP in the game."  - SEANMCAD

  • jusomdudejusomdude Member RarePosts: 2,706

    I got the email and reset my cryptic password. This is the type of thing that makes me never want to keep payment info on file with anyone which is why I usually cancel my sub as soon as I pay for some time.

  • JeroKaneJeroKane Member EpicPosts: 6,959

    Completely unaceptable that they waited one and half year to come out with it!

    Even more retarded (and this pretty much shows the kind of incompetent company Cryptic really is) if it really took them one and half year to discover they had been hacked. Which would mean that hackers have been able to use this backdoor for a whole one and half year!!

    /FACEPALM

  • bobfishbobfish Member UncommonPosts: 1,679

    The breach was the same timeframe that Atari were cutting all the staff and trying to offload them. I can imagine it was completely missed and only found when they were upgrading/intergrating with Perfect World's systems.

  • gilgamesh42gilgamesh42 Member Posts: 300

    cryptic fails again what else is new, not this

    image
  • adam_noxadam_nox Member UncommonPosts: 2,148

    I thought it was a phishing attempt, I mean read this:

    "As a result of routine security checks and upgrades, we have discovered that certain of your account information"

     

    certain of my account?  really?

  • GrinnzGrinnz Member UncommonPosts: 312

    Hah I thought was phishing scam too, but when I get those emails I usually head to the official website to do my changes as oppose to email links.

  • Artair83Artair83 Member UncommonPosts: 48

    Originally posted by bobfish

    The breach was the same timeframe that Atari were cutting all the staff and trying to offload them. I can imagine it was completely missed and only found when they were upgrading/intergrating with Perfect World's systems.


     

    You're probably right, to be honest I would be surprised if Atari's engineers even knew what they were looking at, Atari made a money grab buying Cryptic, they weren't ready for the long haul of running MMOs.

    I'm not going to say Cryptic doesn't have it's problems. However, bad funding and money grabs from Atari were ruining them and I wouldn't be surprised if Atari (which isn't even original Atari anyway) didn't notice this hole in the network. Star Trek originally I thought was awful, ever since Dan Stahl took over, and later on, Perfect World started giving them a reasonable amount of funding, STO's quality has greatly improved and Neverwinter also is looking good. But yeah I would have never played STO in the state it launched in. Of course this break in doesn't annoy me any less :|

  • KenzeKenze Member UncommonPosts: 1,217

    Originally posted by Alphamojo

    Hah I thought was phishing scam too, but when I get those emails I usually head to the official website to do my changes as oppose to email links.



    gmail even marked it with a phishing warning.

    Watch your thoughts; they become words.
    Watch your words; they become actions.
    Watch your actions; they become habits.
    Watch your habits; they become character.
    Watch your character; it becomes your destiny.
    —Lao-Tze

  • johnnyblancojohnnyblanco Member Posts: 11
    As a lifetime CO subscriber I have to say that I am very disappointed and they had better make some reparations for this. Why am I so pissed? Because they waited so long to tell us! Mark my words if hackers got any of my information I will sue Cryptic into chapter 11.
  • VaultFairyVaultFairy Member UncommonPosts: 566
    Hmm.. Really?! o.O

  • centkincentkin Member RarePosts: 1,527

    What is unacceptable is that they retain the data for hackers to get at after you have left all of their games.

    I am sorry but all account information should be deleted or at least backed up to tape whenever people have left for over a month.  If you want to get back you would have to either reset your password to your email address or have them unarchive it.

    I am getting sick and tired of "company you played a game with 5 years ago has still retained all your data and hackers now have your old password real name age whatever credit card you used at the time home address phone number -- blah blah blah.

    If you drop the game they should have to drop the data.

    Even if you never intend to, you do reuse passwords from 10 years ago -- you forget you ever used it and then one gets unknowingly recycled and bam -- you get hacked.  The more often you change your passwords and the more passwords you have the more likely it is that you will one day recycle a password.

  • VeldaraVeldara Member UncommonPosts: 30

    I'm shocked!  No really guise I means it! 



    Considering this company can't even put out patches without breaking the game, never listen to feedback, and rarely fix bugs(some still around from launch), I'm not even the slightest bit surprised.

  • justablokejustabloke Member UncommonPosts: 10

    Cryptic Studios is only telling part of the truth.  The breach was wider and affected other games, notably  STO.  It didn't only occur on one occasion but over a period of time.

    Moral.  Don't trust any service, change your PW often (or as often as you can stand it).

  • SmokeysongSmokeysong Member UncommonPosts: 247

    Originally posted by JeroKane

    Completely unaceptable that they waited one and half year to come out with it!

    Even more retarded (and this pretty much shows the kind of incompetent company Cryptic really is) if it really took them one and half year to discover they had been hacked. Which would mean that hackers have been able to use this backdoor for a whole one and half year!!

    /FACEPALM




     

    Frankly, I don't put much stock in the opinion of bigots.

    If you want to be heard by an intelligent person have the decency to not use "retarded" as a pejorative. There are millions of people labeled retarded by the medical and educational fields that don't deserve your disdain. There is no shame in having a biological impairment.

    However, there is shame in willful ignorance and stupidity; in denying the facts, refusing to learn, and demonstrating strong emotional opinions about things you know little about. I suggest if denigration is appropriate here, then you are a suitable candidate.

    Have played: Everquest, Asheron's Call, Horizons, Everquest2, World of Warcraft, Lord of the Rings Online, Warhammer, Age of Conan, Darkfall

  • BeerpigBeerpig Member UncommonPosts: 9
    Did they find the porn?
  • delateurdelateur Member Posts: 156

    Originally posted by Talonsin

    Honestly, the hackers can have my account.  No need to reset my password.  At least I'll know that the STO lifetime sub I bought would be getting some use.  I still kick myself for buying that one without playing it first.



    Ouch, bud. I appreciate your honesty. If it makes you feel any better, at first, I was SORELY tempted to puchase the same for both STO and CO. Did not do either, because I figured I should at least see what happens when the game goes live. Wow, was I glad I did...




     




     

     

  • LokathLokath Member Posts: 33
    Originally posted by Talonsin

    Honestly, the hackers can have my account.  No need to reset my password.  At least I'll know that the STO lifetime sub I bought would be getting some use.  I still kick myself for buying that one without playing it first.

    I'll take it off your hands.



     

  • b003b003 Member UncommonPosts: 54
    ... and after resetting two accounts I can't acess either. Could be worse, might have been games I actually liked.

     

  • daltaniousdaltanious Member UncommonPosts: 2,381

    Originally posted by Benbrada

    Yeah I got "the" e-mail from them last night and thought it was a spoof... I had to research it to see if it was true :-(




     

    Same here, have even forwarded that email to their suppor. Of course the did not respond. Just got some generalized automated response.

    But what is really incredible is, yes, date of 2010.

Sign In or Register to comment.