Japanese video game developer Square Enix has confirmed that email address and resumes of job seekers have been exposed following a website hack.

Miscreants made off with the information after cracking into the website of subsidiary Eidos and a site dedicated to the game Deus Ex: Human Revolution.

Square Enix pulled both sites offline after discovering the hack, as explained on a statement (pdf) on its website:

Square Enix can confirm a group of hackers gained access to parts of our Eidosmontreal.com website as well as two of our product sites. We immediately took the sites offline to assess how this had happened and what had been accessed, then took further measures to increase the security of these and all of our websites, before allowing the sites to go live again.

Eidosmontreal.com does not hold any credit card information or code data, however there are resumes which are submitted to the website by people interested in jobs at the studio. Regrettably up to 350 of these resumes may have been accessed, and we are in the process of writing to each of the individuals who may have been affected to offer our sincere apologies for this situation. In addition, we have also discovered that up to 25,000 email addresses were obtained as a result of this breach. These email addresses are not linked to any additional personal information. They were site registration email addresses provided to us for users to receive product information updates.

The breach creates the possibility that CV information might fall into the hands of identity thieves, possibly after being sold through underground cybercrime forums. There's also a risk that spammers or phishers might get their hands on the email database before subjecting victims to scams of one type or another.

The hack attack against Square Enix follows shortly after the much higher profile and serious hack on Sony illustrating, if nothing else, that computer security problems in the computer games industry affect more firms than just Sony. ®