The DayZ development team tweeted on January 23 that its forums had suffered “an outside security breach,” and recommended that users change their passwords, “just in case.” Today it put out a more detailed and dire message, indicating that the situation is rather worse than it first appeared.
“A security incident occurred on forums.dayzgame.com recently. According to our investigation all usernames, emails and passwords from forums.dayzgame.com were accessed and downloaded by hackers,” it says. “While the passwords were not stored in plain text, but in a more secure form, it is highly recommended that if you have used the same password elsewhere you change it immediately on all applicable websites and services.”
Even encrypted, or 'hashed' passwords, can sometimes be used to compromise accounts with some work (here's an old example), so if you use the same password on any other sites, it's time to change it.
Bohemia says it has “major changes” planned to reduce the likelihood of this sort of thing happening again, including a switch from the current IPBoard login system to the separate and more secure Bohemia Accounts. It also warned that service interruptions over the next few weeks are likely to happen as the systems are migrated to the new setup.
For those who may not have yet checked email, here is an update on our recent security breach. Questions welcome. pic.twitter.com/4zEz03UL2sFebruary 4, 2016