Four months after the gaming site
Gamigo warned users about a hacker intrusion that accessed some portions
of its users’ credentials, more than 8 million usernames, emails and and encrypted passwords from the site have been published on the Web, according to the data breach alert service PwnedList.
The list of passwords, which
were scrambled using a one-way cryptographic hash algorithm, were
published earlier this month to a forum on the password-cracking website
Inside Pro. According to forbe,"The
list also contained 8.2 million unique e-mail addresses, including 3
million American accounts from the US, 2.4 million accounts from
Germany, and 1.3 million accounts from France."
Gamigo warned users in early
March that an attack on the Gamigo database had exposed hashed passwords
and usernames and possibly other, unspecified additional personal data.
The site required users to change their account passwords.
PwnedList founder Steve Thomas said, “It’s the largest leak I’ve
ever actually seen. When this breach originally happened, the data
wasn’t released, so it wasn’t a big concern. Now eight million email
addresses and passwords have been online, live data for any hacker to
see.
This breach is bigger than anything we've seen so far this year. In the last few months, there have been a slew of attacks against the following sites: LinkedIn, eHarmony, Last.fm, Yahoo, Android Forums, Formspring, and Nvidia, among others.
This breach is bigger than anything we've seen so far this year. In the last few months, there have been a slew of attacks against the following sites: LinkedIn, eHarmony, Last.fm, Yahoo, Android Forums, Formspring, and Nvidia, among others.
Gamigo users can check on PwnedList’s site whether their email address is included in the leak.
On March 1, Gamigo sent out the following e-mail to its users:
Dear Community,
As
you have all already noticed, our game servers, websites and forums are
partially unreachable at the moment. We would like to explain to you
what happened and what has been done on our side.
There
was an attack on the gamigo database in which user information, such as
alias usernames and encrypted passwords were stolen. An excerpt from
these was published in the gamigo forums. We detected the attack and are
working to the utmost of our resources to repair the damage and
determine how it happened.
Your
character data, including items, is safely stored on the backup! We
cannot rule out that the intruder(s) is/are still in possession of
additional personal data, although to date we have received no report of
any fraudulent use.
To
prevent any unauthorized access to your account, we have reset all
passwords for the gamigo account system and for all gamigo games!
Source: netasq-India
No comments:
Post a Comment