Square Enix: Websites Hacked...email addresses lost

source = http://www.bbc.co.uk/news/technology-13394968


Hackers have broken into two websites belonging to Japanese video games maker Square Enix.


The company confirmed that the e-mail addresses of up to 25,000 customers who had registered for product updates may have been stolen as a result.


Resumes of 350 people applying for jobs in its Canadian office could also have been copied from the web servers.


Square Enix, which makes the popular Final Fantasy, Deus Ex and Tomb Raider games, apologised for the breach.


In a statement, it said: "Square Enix can confirm a group of hackers gained access to parts of our Eidosmontreal.com website as well as two of our product sites.


"We immediately took the sites offline to assess how this had happened and what had been accessed, then took further measures to increase the security of these and all of our websites, before allowing the sites to go live again."


It is understood that the websites affected were Eidosmontreal.com, run by Square Enix's subsidiary Eidos, and Deusex.com, a promotional site for the forthcoming game, Deus Ex: Human Revolution.


Scammer's dream

Graham Cluley, a consultant at security firm Sophos, warned that both leaks could cause problems for the individuals concerned.


"With the e-mail there is a danger that gamers could be e-mailed by someone pretending to be from the company who gets them to click on a link or run some malicious software," he told BBC News.


"The resumes are a blueprint for identity theft. They have everything that scammers want. The only thing missing is credit card information."


Mr Cluley pointed out that there was also the potential for huge embarrassment as it was unlikely those who had applied for jobs would want their current employers to know.


Square Enix said there was no evidence that the information had been distributed.


It also emphasised that the company does not hold customers' credit card data on its web servers.


Shortly after the attack, both websites displayed the message "Owned by Chippy1337", as well as several other known hacker names, including Xero, XiX and Venuism.


However, it appears that some or all of those names may have been misappropriated by the real attackers.

Tomb Raider maker Eidos owned one of the hacked sites. The company is owned by Square Enix. Logs of Internet Relay Chat (IRC) conversations have appeared on the online, which appear to show the perpetrators discussing the hack as they carried it out. In one section, the individuals taking part wrote: "We put it in the name of chippy1337 and write the names ryan, dfs, xero, nikon, xix, venuism and evilhom3r.

The same person then added the comment, "lol [laugh out loud]".




Discussion Info

Last updated July 4, 2018 Views 14 Applies to:

I am signed up the the Deus ex promo site...luckily have learned over the years to use multiple email address for different game sites, so if it was one of those that was obtained...they wont get any useful info

Where will all this hacking business end? Seems since PSN's been hacked there trying it with as many site's as possible too see how far they can go

Since all of this hacking i have begun to take extra precautions. It is just getting stupid now.

Lol, I was just about to sign up to Square Enix today.

I dont think i'll be doing so any time soon. XD

I dont thing any of us will be back there again. hehe

Question: Have any of you being getting this 'lockout' thing when logging into this website? It says that an incorrect password has been used too many times or something

After the PSN thing I changed all my passwords but I'm just wondering if the above is related to someone trying to log in with my gamertag or if its something else