Epic and Bethesda sites compromised as hacker attacks continue
Epic and Bethesda are the latest victims of wave of cyber-crime that has so far seen data stolen from a number of games company sites, including Sony Online Entertainment, Nintendo, Eidos and Codemasters.
A post on the Bethblog yesterday revealed that the game publisher's site and forums had suffered "an unlawful intrusion" that resulted in the theft of an undisclosed number of forum and website passwords and email addresses.
On Friday, Epic sites also experienced downtime in the aftermath of a similar attack that compromised a number of forum accounts. Thankfully, both companies report that no credit card information was stolen. Other companies have been less fortunate.
Epic founder Tim Sweeney released a statement in the wake of Friday's attack confirming that the "Epic Games web sites and forums were recently hacked.
"The hackers may have obtained the email addresses and encrypted passwords of forum users," he said, adding that "we have reset all passwords. The Unreal Developer Network (UDN) hasn't been compromised. Thankfully, none of our web sites ask for, or store, credit card information or other financial data.
In a similar statement on Bethblog, Bethesda staff revealed that "while no personal financial information or credit card data was obtained, the hackers may have gained access to some user names, email addresses, and/or passwords.
"As a precaution, we recommend that all our fans immediately change passwords on all our sites — including our community forums, statistics site for Brink, and here on the blog.
"If your username/email address/password is similar to what you use on other sites, we recommend changing the password at those sites as well. As we don’t know what further plans the hackers may have, we suggest that you keep an eye out for suspicious emails and account activity."
Epic and Bethesda are the most recently targeted sites. Sony Online Entertainment endured a very serious attack earlier this year in which hackers illegally obtained millions of SOE account details, and the credit card information of more than 12 thousand "non-US" customers. Sony Online Entertainment MMOS came back online last month after a long period of inactivity thanks to the attacks.
In May the Deus Ex: Human Revolution and Eidos Montreal sites were hacked. Square later confirmed that 250 resumes and thousands of email addresses had been stolen in the attack. Just last week, Codemasters revealed that they, too, had been compromised, losing thousands more customer details in the course of the intrusion.
MCV report that Nintendo have also suffered security breaches. It's not clear whether the attacks are part of a single organised campaign, or the responsibility of a number of competing hacking communities. Hacker organisation Lulz Security took responsibility for the Ninetndo hack, while the Eidos hack was attributed to Gnosis. Sony blamed Sony Online Entertainment and Playstation Network failings on Anonymous.
Whether they're the work of a single group or a collection of different attackers, attacks are set to continue amid fears that services like Steam, and other digital distribution channels like GamersGate and Direct2Drive may be targeted, with much more serious consequences for customers.