Feeds

Atari and Square Enix cough to exposing users' privates

Gaming security still sux

Reducing security risks from open source software

Atari has apologised to gamers following a security breach that exposed their names and email addresses, leaving users at heightened risk of spam as a result.

The gaming outfit blamed the fairly minor breach (no credit cards or mobile phone numbers were exposed) on problems introduced during a migration to a new cloud-based server platform. The breach came to our attention via an Atari email (extract below) forwarded by Reg reader Troy, who commented: "Well, this sounds like fun, might explain all the recent spam I have been getting".

Atari has discovered that some information that you provided to Atari when you registered on our site was recently able to be viewed publicly. The information that was viewable was your name and e-mail address.

This occurred when an outside contractor working on our website created some spreadsheets related to registered users. The spreadsheets were maintained on a database hosted on a cloud server that crashed.

When the server was brought back up online, the firewall around the database was inadvertently not re-established. As a result, there was an approximate three week period of time when names and e-mail address were able to be found and viewed online.

A registered user brought this to our attention and within 24 hours the database was removed from the internet and could not be seen by anyone. Atari takes very seriously the privacy of its registered users.

Atari is implementing new protocols to further assure the privacy of user data. If you have any questions, please contact Atari at userinquiries@atari.com. Atari is grateful for its registered users’ interest in our products and looks forward to continuing to provide interesting and useful information about our games and products to you in the future.

Separately games developer Square Enix admitted over the weekend that it had lost up to 1.8 million user data records to attackers including names, addresses and phone numbers following a hack attack on its website. Personal details of gamers in the US and Japan spilled as a result of the breach at Square Enix, which thankfully also didn't involve credit card details.

The incidents are just the latest in a seemingly never-ending line of security flaps involving gaming firms this year. The most notorious of these breaches led to the weeks-long suspension of Sony's PlayStation Network back in April.

Chris Boyd (AKA Paperghost), an avid gamer and security consultant at GFI Software, told El Reg that "games companies are still providing a juicy target" for hackers and other ne'er do wells.

"Gamers should be continue to be wary with regards what information they give to games companies as the massive amount of information these companies collect is proving too valuable a target to resist," he warned. ®

Mobile application security vulnerability report

More from The Register

next story
LibreSSL RNG bug fix: What's all the forking fuss about, ask devs
Blow to bit-spitter 'tis but a flesh wound, claim team
Microsoft: You NEED bad passwords and should re-use them a lot
Dirty QWERTY a perfect P@ssword1 for garbage websites
Manic malware Mayhem spreads through Linux, FreeBSD web servers
And how Google could cripple infection rate in a second
NUDE SNAPS AGENCY: NSA bods love 'showing off your saucy selfies'
Swapping other people's sexts is a fringe benefit, says Snowden
L33t haxxors compete to p0wn popular home routers
EFF-endorsed SOHOpelessly Broken challenge will air routers' dirty zero day laundry
Own a Cisco modem or wireless gateway? It might be owned by someone else, too
Remote code exec in HTTP server hands kit to bad guys
British data cops: We need greater powers and more money
You want data butt kicking, we need bigger boots - ICO
Crooks fling banking Trojan at Japanese smut site fans
Wait - they're doing online banking with an unpatched Windows PC?
prev story

Whitepapers

Top three mobile application threats
Prevent sensitive data leakage over insecure channels or stolen mobile devices.
The Essential Guide to IT Transformation
ServiceNow discusses three IT transformations that can help CIO's automate IT services to transform IT and the enterprise.
Mobile application security vulnerability report
The alarming realities regarding the sheer number of applications vulnerable to attack, and the most common and easily addressable vulnerability errors.
How modern custom applications can spur business growth
Learn how to create, deploy and manage custom applications without consuming or expanding the need for scarce, expensive IT resources.
Consolidation: the foundation for IT and business transformation
In this whitepaper learn how effective consolidation of IT and business resources can enable multiple, meaningful business benefits.