Games companies under attack
Games companies are becoming increasingly regular targets for hackers. Last week, UK games company Codemasters informed its users that its servers had been hacked and that intruders had access to the web site, corporate web site and the company's EStore. Epic Games was also hacked, with attackers gaining access to the company's web sites and forums according to a message from its CEO, Tim Sweeney.
Codemasters says it is "the latest victim in on-going targeted attacks against numerous game companies". Attackers are believed to have had access to customer names, addresses, email addresses, telephone numbers, order history and encrypted passwords; however no payment information is stored on its servers because it uses external payment providers. The company has taken the step of taking down its entire Codemasters.com web site and redirecting users to its Facebook page until it can launch a new web site later this year. It is also recommending that users change passwords on any site where they have used the same password as on Codemasters.com.
Epic Games, on the other hand, is restoring access to its sites after the attack which saw hackers obtain email addresses and encrypted passwords. Epic says none of its sites ask for or store credit card information or other sensitive data, but it is suggesting that users reset their passwords as the plain text version could be obtained by brute force.
In both cases, customers of Codemasters and Epic Games should be prepared for more phishing attacks targeted at their email accounts. It is unclear how many users have been affected by both compromises, and it is also unknown who is behind the attacks and what their motive is.