Feeds

Codemasters pulls website after hackers pwn customer database

Game over

Choosing a cloud hosting partner with confidence

Games developer Codemasters has taken its website offline and advised users to change their passwords in the aftermath of a hack attack last week.

Unknown attackers made off with a treasure trove of personal information following an attack on Codemaster' website last Friday (3 June). Hackers got access to the Codemasters CodeM database, EStore, and code redemption pages.

Details lost included members' names, usernames, screen names, email addresses, dates of birth, encrypted passwords, newsletter preferences, biographies entered by users, details of last site activity, IP addresses and Xbox Live Gamertags. In addition, telephone numbers, encrypted passwords and order histories were accessed and compromised from the Codemasters electronic store.

Payment card details are handled and stored by an external payment provider, and are not affected by the breach.

Although payment details ought to be safe users are exposed to severe risk if cases where they also use their Codemasters password/login name with other (perhaps more sensitive) accounts, such as webmail or e-banking. These passwords need to be changed quickly.

In addition, users should be wary of the possibility of receiving phishing emails that use data from the Codemasters heist to give them extra plausibility.

Codemasters said its website "will remain offline for the foreseeable future" as a result of the hack with traffic re-directed to the Codemasters Facebook page instead.

"A new website will launch later in the year," it adds.

The gaming outfit sent out warning emails to its customers on Friday, which is the first many had heard of the problem. Several readers (too numerous to mention individually) forwarded these emails.

We've asked Codemasters for comment on the hack but are yet to hear back at the time of going to press. It seems remarkable that a firm that depended at least in no small part on web sales would take its site offline indefinitely. This is a question we'd hope to explore as and when we hear back from Codemasters.

Codemasters has employed controversial law firm Davenport Lyons to chase file sharers for damages over the alleged uploading of copies of its games onto file sharing networks. It's unclear whether or not this motivated this months assault but the loose confederation between file sharers and hackers does make it a possibility. ®

Website security in corporate America

More from The Register

next story
Man buys iPHONE 6 and DROPS IT to SMASH on PURPOSE
Yarrrgh! 'Tis Antipodean insanity, ye crazy swab
Oi, Tim Cook. Apple Watch. I DARE you to tell me, IN PERSON, that it's secure
State attorney demands Apple CEO bows the knee to him
Monitors monitor's monitoring finds touch screens have 0.4% market share
Not four. Point four. Count yer booty again, Microsoft
4K-ing excellent TV is on its way ... in its own sweet time, natch
For decades Hollywood actually binned its 4K files. Doh!
Your chance to WIN the WORLD'S ONLY HANDHELD ZX SPECTRUM
Reg staff not allowed to enter, god dammit
Phones 4u website DIES as wounded mobe retailer struggles to stay above water
Founder blames 'ruthless network partners' for implosion
DARPA-backed jetpack prototype built to make soldiers run faster
4 Minute Mile project hatched to speed up tired troops
prev story

Whitepapers

Secure remote control for conventional and virtual desktops
Balancing user privacy and privileged access, in accordance with compliance frameworks and legislation. Evaluating any potential remote control choice.
WIN a very cool portable ZX Spectrum
Win a one-off portable Spectrum built by legendary hardware hacker Ben Heck
Intelligent flash storage arrays
Tegile Intelligent Storage Arrays with IntelliFlash helps IT boost storage utilization and effciency while delivering unmatched storage savings and performance.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?
Beginner's guide to SSL certificates
De-mystify the technology involved and give you the information you need to make the best decision when considering your online security options.