Feeds

Atari and Square Enix cough to exposing users' privates

Gaming security still sux

Protecting against web application threats using SSL

Atari has apologised to gamers following a security breach that exposed their names and email addresses, leaving users at heightened risk of spam as a result.

The gaming outfit blamed the fairly minor breach (no credit cards or mobile phone numbers were exposed) on problems introduced during a migration to a new cloud-based server platform. The breach came to our attention via an Atari email (extract below) forwarded by Reg reader Troy, who commented: "Well, this sounds like fun, might explain all the recent spam I have been getting".

Atari has discovered that some information that you provided to Atari when you registered on our site was recently able to be viewed publicly. The information that was viewable was your name and e-mail address.

This occurred when an outside contractor working on our website created some spreadsheets related to registered users. The spreadsheets were maintained on a database hosted on a cloud server that crashed.

When the server was brought back up online, the firewall around the database was inadvertently not re-established. As a result, there was an approximate three week period of time when names and e-mail address were able to be found and viewed online.

A registered user brought this to our attention and within 24 hours the database was removed from the internet and could not be seen by anyone. Atari takes very seriously the privacy of its registered users.

Atari is implementing new protocols to further assure the privacy of user data. If you have any questions, please contact Atari at userinquiries@atari.com. Atari is grateful for its registered users’ interest in our products and looks forward to continuing to provide interesting and useful information about our games and products to you in the future.

Separately games developer Square Enix admitted over the weekend that it had lost up to 1.8 million user data records to attackers including names, addresses and phone numbers following a hack attack on its website. Personal details of gamers in the US and Japan spilled as a result of the breach at Square Enix, which thankfully also didn't involve credit card details.

The incidents are just the latest in a seemingly never-ending line of security flaps involving gaming firms this year. The most notorious of these breaches led to the weeks-long suspension of Sony's PlayStation Network back in April.

Chris Boyd (AKA Paperghost), an avid gamer and security consultant at GFI Software, told El Reg that "games companies are still providing a juicy target" for hackers and other ne'er do wells.

"Gamers should be continue to be wary with regards what information they give to games companies as the massive amount of information these companies collect is proving too valuable a target to resist," he warned. ®

Reducing the cost and complexity of web vulnerability management

More from The Register

next story
Infosec geniuses hack a Canon PRINTER and install DOOM
Internet of Stuff securo-cockups strike yet again
'Speargun' program is fantasy, says cable operator
We just might notice if you cut our cables
Apple Pay is a tidy payday for Apple with 0.15% cut, sources say
Cupertino slurps 15 cents from every $100 purchase
Israeli spies rebel over mass-snooping on innocent Palestinians
'Disciplinary treatment will be sharp and clear' vow spy-chiefs
YouTube, Amazon and Yahoo! caught in malvertising mess
Cisco says 'Kyle and Stan' attack is spreading through compromised ad networks
Hackers pop Brazil newspaper to root home routers
Step One: try default passwords. Step Two: Repeat Step One until success
Greater dev access to iOS 8 will put us AT RISK from HACKERS
Knocking holes in Apple's walled garden could backfire, says securo-chap
Microsoft to patch ASP.NET mess even if you don't
We know what's good for you, because we made the mess says Redmond
prev story

Whitepapers

Providing a secure and efficient Helpdesk
A single remote control platform for user support is be key to providing an efficient helpdesk. Retain full control over the way in which screen and keystroke data is transmitted.
WIN a very cool portable ZX Spectrum
Win a one-off portable Spectrum built by legendary hardware hacker Ben Heck
Storage capacity and performance optimization at Mizuno USA
Mizuno USA turn to Tegile storage technology to solve both their SAN and backup issues.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?
Security and trust: The backbone of doing business over the internet
Explores the current state of website security and the contributions Symantec is making to help organizations protect critical data and build trust with customers.