Feeds

Codemasters pulls website after hackers pwn customer database

Game over

SANS - Survey on application security programs

Games developer Codemasters has taken its website offline and advised users to change their passwords in the aftermath of a hack attack last week.

Unknown attackers made off with a treasure trove of personal information following an attack on Codemaster' website last Friday (3 June). Hackers got access to the Codemasters CodeM database, EStore, and code redemption pages.

Details lost included members' names, usernames, screen names, email addresses, dates of birth, encrypted passwords, newsletter preferences, biographies entered by users, details of last site activity, IP addresses and Xbox Live Gamertags. In addition, telephone numbers, encrypted passwords and order histories were accessed and compromised from the Codemasters electronic store.

Payment card details are handled and stored by an external payment provider, and are not affected by the breach.

Although payment details ought to be safe users are exposed to severe risk if cases where they also use their Codemasters password/login name with other (perhaps more sensitive) accounts, such as webmail or e-banking. These passwords need to be changed quickly.

In addition, users should be wary of the possibility of receiving phishing emails that use data from the Codemasters heist to give them extra plausibility.

Codemasters said its website "will remain offline for the foreseeable future" as a result of the hack with traffic re-directed to the Codemasters Facebook page instead.

"A new website will launch later in the year," it adds.

The gaming outfit sent out warning emails to its customers on Friday, which is the first many had heard of the problem. Several readers (too numerous to mention individually) forwarded these emails.

We've asked Codemasters for comment on the hack but are yet to hear back at the time of going to press. It seems remarkable that a firm that depended at least in no small part on web sales would take its site offline indefinitely. This is a question we'd hope to explore as and when we hear back from Codemasters.

Codemasters has employed controversial law firm Davenport Lyons to chase file sharers for damages over the alleged uploading of copies of its games onto file sharing networks. It's unclear whether or not this motivated this months assault but the loose confederation between file sharers and hackers does make it a possibility. ®

SANS - Survey on application security programs

More from The Register

next story
WTF happened to Pac-Man?
In his thirties and still afraid of ghosts
Reg man builds smart home rig, gains SUPREME CONTROL of DOMAIN – Pics
LightwaveRF and Arduino: Bright ideas for dim DIYers
Leaked pics show EMBIGGENED iPhone 6 screen
Fat-fingered fanbois rejoice over Chinternet snaps
Microsoft signs Motorola to Android patent pact – no, not THAT Motorola
The part that Google never got will play ball with Redmond
Apple patent LOCKS drivers out of their OWN PHONES
I'm sorry Dave, I'm afraid I can't let you text that
Happy 25th birthday, Game Boy!
Monochrome handset ushered in modern mobile gaming era
Rounded corners? Pah! Amazon's '3D phone has eye-tracking tech'
Now THAT'S what we call a proper new feature
Zucker punched: Google gobbles Facebook-wooed Titan Aerospace
Up, up and away in my beautiful balloon flying broadband-bot
Slip your finger in this ring and unlock your backdoor, phone, etc
Take a look at this new NFC jewellery – why, what were you thinking of?
prev story

Whitepapers

Securing web applications made simple and scalable
In this whitepaper learn how automated security testing can provide a simple and scalable way to protect your web applications.
Combat fraud and increase customer satisfaction
Based on their experience using HP ArcSight Enterprise Security Manager for IT security operations, Finansbank moved to HP ArcSight ESM for fraud management.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
SANS - Survey on application security programs
In this whitepaper learn about the state of application security programs and practices of 488 surveyed respondents, and discover how mature and effective these programs are.
3 Big data security analytics techniques
Applying these Big Data security analytics techniques can help you make your business safer by detecting attacks early, before significant damage is done.