Square Enix Hacked: Deus Ex and Tomb Raider Websites Attacked

[jefXfree]

Yet more hacking misery has emerged today, as hackers have broken into the websites for both Deus Ex: Human Revolution and Tomb Raider, making off with the emails of 25,000 customers who had registered for product updates in the process. The resumes of 350 Eidos Montreal employees might have been compromised too, with the hackers accessing the company's web servers.

"Square Enix can confirm a group of hackers gained access to parts of our Eidosmontreal.com website as well as two of our product sites," Square Enix confirmed in a statement. "We immediately took the sites offline to assess how this had happened and what had been accessed, then took further measures to increase the security of these and all of our websites, before allowing the sites to go live again."

Both Eidosmontreal.com and Deusex.com were affected by the hack and Sophos security consultant Graham Cluley warned that these leaks could cause a number of issues. "With the e-mail there is a danger that gamers could be e-mailed by someone pretending to be from the company who gets them to click on a link or run some malicious software," he told BBC News. "The resumes are a blueprint for identity theft. They have everything that scammers want. The only thing missing is credit card information."

So try and stay vigilant, although Square Enix says that there's no evidence that information has been distributed by the hackers.

 

[Wreck]

I got this in my email too.

Dear valued Codemasters customer,

On Friday 3rd June, unauthorised entry was gained to our Codemasters.com website. As soon as the intrusion was detected, we immediately took codemasters.com and associated web services offline in order to prevent any further intrusion.

During the days since the attack we have conducted a thorough investigation in order to ascertain the extent and scope of the breach and have regrettably discovered that the intruder was able to gain access to the following:

Codemasters.com website

Access to the Codemasters corporate website and sub-domains.

DiRT 3 VIP code redemption page

Access to the DiRT 3 VIP code redemption page.

The Codemasters EStore

We believe the following have been compromised: Customer names and addresses, email addresses, telephone numbers, encrypted passwords and order history. Please note that no personal payment information was stored with Codemasters as we use external payment providers, meaning your payment details were not at risk from this intrusion.

Codemasters CodeM database

Members' names, usernames, screen names, email addresses, date of birth, encrypted passwords, newsletter preferences, any biographies entered by users, details of last site activity, IP addresses and Xbox Live Gamertags are all believed to have been compromised.

Whilst we do not have confirmation that any of this data was actually downloaded onto an external device, we have to assume that, as access was gained, all of these details were compromised and/or stolen.

The Codemasters.com website will remain offline for the foreseeable future with all Codemasters.com traffic re-directed to the Codemasters Facebook page instead. A new website will launch later in the year.

Advice

For your security, in the first instance we advise you to change any passwords you have associated with other Codemasters accounts. If you use the same login information for other sites, you should change that information too. Furthermore, be extra cautious of potential scams, via email, phone, or post that ask you for personal or sensitive information. Please note that Codemasters will never ask you for any payment data such as credit card numbers or bank account details, nor will Codemasters ask you for passwords or other personal identifying data. Be aware too of fraudulent emails that may outwardly appear to be from Codemasters with links inviting you to visit websites. The safest way to visit your favourite websites is always by typing in the address manually into the address bar of your browser.

Unfortunately, Codemasters is the latest victim in on-going targeted attacks against numerous game companies. We assure you that we are doing everything within our legal means to track down the perpetrators and take action to the full extent of the law.

We apologise for this incident and regret any inconvenience caused.

We are contacting all customers who may have been affected directly.

 

[Xerios]

some spaniard anony members were caught today..... allegedly they were apart of the group that targeted psn

 

[Horhay]

While pursuing those responsible for leaking a preview build of Deus Ex Human Revolution onto the internet, publishers Square Enix discovered that the game (well, part of the game) had been a copy they'd hosted on Valve's Steam service.

This happens all the time; often with PC preview coverage here at Kotaku, for example, we're able to access and download early builds of games on Steam.

The problem here is that an Italian writer's login details were obtained by hackers and Deus Ex's code lifted, then leaked.

Valve says that it has a lot more information on those responsible than it's released thus far, but also says it's unable to give that information to Square Enix (courtesy of its privacy policy) unless the publisher can present them with a subpoena.

So Square Enix is doing just that, asking the Washington court hearing its case against fifteen unidentified Italian hackers for permission to get just such a subpoena.

Subpoenas! Shady European criminals! It's like a cop show! Only, with paperwork instead of guns.

I figured this would be a good place to put this. I hope they catch these people responsible for hacking in and stealing an unfinished source of Deus Ex.