Original URL: https://www.theregister.com/2012/04/26/cryptic_unauthorised_access/

Star Trek role-players' privates sniffed by alien invader

Cryptic Studios coughs to database hack

By Brid-Aine Parnell

Posted in Security, 26th April 2012 12:38 GMT

Gaming studio Cryptic, the company behind Star Trek Online, Champions Online and City of Heroes, has admitted that its players' details were lifted in an unauthorised database access two years ago.

Cryptic said in a canned statement yesterday that it had only just discovered evidence of a data breach in December 2010, during which account names, handles and encrypted passwords were gathered.

The studio said it had reset passwords and sent emails out to all affected online role-players, but it doesn't yet know whether more sensitive information - such as real names, dates of birth, billing addresses and some digits of credit cards - were slurped.

"While we have no evidence that any other information was taken by the intruder, it is possible that the intruder was able to access additional account information," Cryptic admitted.

The studio said it was still investigating the digital break-in and was strengthening its security systems.

"For your own security, we encourage you to be especially aware of email and postal mail scams that ask for personal or sensitive information," it advised. "If you use the same password for other accounts, especially financial accounts or accounts with personal information, we strongly recommend that you change them."

Cryptic specialises in free-to-play online games and was acquired by Perfect World last year. The studio had not returned a request for additional comment at the time of publication. ®