BioWare forums hacked

EA confirms personal info, passwords for 18,000 Neverwinter Nights message board accounts stolen in "highly sophisticated and unlawful cyberattack."

by

The gaming industry has been beset by hackers for weeks, with Electronic Arts and BioWare the latest to confess having users' personal info swiped from their servers. EA today confirmed that about 18,000 accounts on its Neverwinter Nights forum were compromised by "a highly sophisticated and unlawful cyber attack," which it first learned about earlier this week.

Shady characters from Neverwinter Nights.

The publisher characterized the breach as "extremely limited," saying only a small percentage of the accounts were impacted. As for what information was exposed, EA said it included account names, e-mail addresses, passwords, country, and birth dates for users. Older accounts (BioWare Legacy Accounts) were disabled, while more recent EA Accounts need to have their passwords reset before being used again. The publisher has not indicated who was responsible for the attack.

In response to the breach, EA said it has secured the forum's server system and "launched an ongoing evaluation of the seriousness of the breach." Impacted users should have received an e-mail notification from EA.

Electronic Arts and BioWare join an increasingly inclusive list of game makers that have reported being hacked and losing customers' personal information this year. While Sony's high-profile breach was the largest of the gaffs, Codemasters, Bethesda, Epic Games, Minecraft maker Mojang, and CCP have reported attacks or service disruptions due to hackers in recent weeks.

Discussion

155 comments
zaphodbblbrox
zaphodbblbrox

They are getting financed from somewhere, this is just to ridiculous. They need to be hired by these companies to protect their systems.

warhawk-geeby
warhawk-geeby

As much as I hate the hacks at least it's bringing the gaming community together. When PSN went down there was a right hoohar on here with various loyalists attacking Sony with every chance they had. However it now shows that its far more of a problem than previously thought. These guys need to get found, and fast.

Blink3r
Blink3r

what sad hackers... hacking a forum... what can they accomplish by doing that? delete some threads that made them mad? delete the accounts of some nerds? what an accomplishment! =p

Philly1UPer
Philly1UPer

I love how people first people were mad for Sony being hacked, but then mainly hating on Sony and their "poor security" Yet how many Game Companies have been hacked now in the last month and a half? This **** needs to end. period.

GODSPEEDseven
GODSPEEDseven

I don't really know what to think about it.. it just sounds so strange to have so many bigshot companies hacked in such a short period.. by what would "seem" to be the same person(s). I find it all pretty suspicious.. government cover-up? hehe, just joking. @slapstik89 "I think the death penalty should be enacted for such crimes - that would reduce the likely-hood of further attacks." HAHAHA! I had a good laugh at that comment. hehe..

DreadDLordD
DreadDLordD

Looks like every other company needs to tighten up their security measures. The PSN outage was enough of a grave incident. Who knows who will be targeted next.

juliano001
juliano001

[This message was deleted at the request of the original poster]

juliano001
juliano001

And some people defend hackers. Pffff. Nonsense. They are criminals, plain and simple. Thats what you get when you glamourize villains.

redness19
redness19

Eventually, they'll be Cyber Police. A department within the police that investigates and busts hackers and cyber criminals. With technology on the go and more people online then ever, it's only a matter of time before the internet is policed like any other city.

redness19
redness19

V That's why you're not in charge. Is the Neverwinter Nights account any different from your Bioware account? How did they just get NWN info and not Dragon Age or Mass Effect accounts too?

slapstik89
slapstik89

I think the death penalty should be enacted for such crimes - that would reduce the likely-hood of further attacks.

Centurion95
Centurion95

Wow, this just keeps on growing, I would not be surprised if the next targets are X-box live accounts....

bub166
bub166

@_gamekid_ The group "lulzsec" claimed responsibility for the Nintendo hack, and they claimed it was "for the lulz" but they liked Nintendo. Sony breaches are apparently being tracked to Anonymous MEMBERS but not anonymous itself.

00J
00J

Under attack by hackers. There are large Cyberattacks happening since 2 months ago. It's a Cyberwar, the first Cyberwar of the 21st Century... United Airlines was hacked Friday too.

_gamekid_
_gamekid_

This is making me suspicious, both nintendo and sony have been hacked, maybe this is all microsoft's doing............

bsd360
bsd360

Wat's up..every gaming company's data is getting stolen...........at least we trust Xbox live security....

Diablo-B
Diablo-B

I guess schools are out and nerds have nothing to do with their time

Born_Lucky
Born_Lucky

I wonder if these hackers are good looking guys, with great jobs and wonderful families? Yeah . . . probably not , huh?

bandtnt
bandtnt

It seems that all recent hacking is just the debut of Armage**on.

Agent-M
Agent-M

These guys need to spend less time hacking video game companies and spend more time playing video games.

zidan4000
zidan4000

alright , now there is no doubt that someone is paying these hackers to do the job.

shkar
shkar

This is so stupid,,,,,,,I mean what valuable stuff can they find?? nothing ,,,i dont care if my online gaming accounts are hacked,,,as far as I am concerned the only valuables that i will lose are my gaming progresses and trophies.......

TheGame402
TheGame402

This hacking business is starting to be really stupid.What point are they trying to prove besides they have too much time on their hands.If they are that good at using computers then they should use their powers to help the economy & not for their own personal gain. I hope this has taught most people a lesson & that is never use personal information online because personal information like a credit card can be stolen & used for what ever twisted plan some wants to use it for. & by gamespot & ign posting this stuff about the hackings is only going to stroke these hackers egos even more & give them fame on the internet for doing something illegal & its fame that they don't deserve.it seems the hackings aren't even for a purpose it is just for the sake of them that they can & which is why they are doing it for now is because of every game company that gets hacked Gamespot & IGN report on it. These Hackers are like a new virus if you fix your secruity after it has been breached they will still find a way back in.

p478
p478

Man does somebody have it out for the gaming world. Is there any major company that hasn't been breached yet?

Drifter_sion
Drifter_sion

...lol you know what sucks....I'm part of that crew (bioware account).

Drifter_sion
Drifter_sion

That's that bs... This creates serious apprehension toward online sensitive information exchange. Its also inevitable. Unfortunately it is a negative re-enforcer that we don't live in fortes.

lonewolf1044
lonewolf1044

@The Arcade, everytime you input your info online you are suspectible to having your info intercepted. There is no server even with the latest tech on board 100% safe or hackproff. Knowing what you know now you are or should be aware that the internet is not safe and you risk using your credit card online. You can go ahead and sue if you wish and I wish you luck being thier pockets or deeper than yours and you will probably file for bankruptcy before it is settled.

Ladiesman17
Ladiesman17

Maybe those hackers have some kinda acute traumatic about their past, maybe it happened when they were kids, they raped by someone who's like gaming a lot. :roll:

TheArcade
TheArcade

Look! You may take the passive roll and get your identity stolen and not do anything about it. God forbid that from happening to you. But if my personal info is being exploited by hackers then I'm holding the site holder personally responsible. It's because of them that I've been compromised it's their responsibility to compensate me. Doesn't matter about their maintaining resources use what you have to shield users from further attack. I got family to worry about. Letting it slide isn't short-sighted at all nor is my reasoning suggest "stupid basis" it is sound. You're the one flipping out giving ludicrous advice telling me not to sue the company who leaked my info? I don't care if it was accidental the fault lies with them so they must be punished!

twistedface12
twistedface12

not surprised china , russia and usa should send the whole army to find those bastards

Darnasian
Darnasian

@Frosty192 Better said: Get a life! They should get a life not a job because they obviously have no life and from the looks of things they seem to be good on the programing/hacking/working on computers so getting a legal job in this category it should be easy for them! So better said: Get a life!

vega13mv
vega13mv

yeah, you guys made it on the news, but at the end of the day, you're still a bunch of scrawny nerds with pathetic little lives

NotJackieChan
NotJackieChan

Is this the new trend or something? Hacking into video game servers? What douche bags.

raptures330
raptures330

*News Bulletin Update* Sega Database hacked and accessed. (part of the release by Sega) "We have identified that a subset of SEGA Pass members emails addresses, dates of birth and encrypted passwords were obtained. To stress, none of the passwords obtained were stored in plain text. Please note that no personal payment information was stored by SEGA as we use external payment providers, meaning your payment details were not at risk from this intrusion. If you use the same login information for other websites and/or services as you do for SEGA Pass, you should change that information immediately." More info @Sega and Google

hirest-gree
hirest-gree

NoDzombie Posted Jun 17, 2011 10:16 am GMT seriously, what are they even trying to accomplish with all this except pissing everyone off, i really dont get it ----------------------------------------- This information is extremely valuable. Which is partly why companies like Facebook and Google have so much power. And, in the wrong hands, the data's value is increased exponentially. Emails with passwords are direct portals to peoples credit card numbers, paypals, and they even open up potential for identity theft and recreation.

Poodlejumper
Poodlejumper

Seems these guys doing things for LULZ are doing things to anger people who could have some sympathy for hackers in general...especially those who are trying to occasionally bring secrets to light that should be brought to light. Seems strange...maybe even scripted by the people who don't like it when hackers do something useful (like mess with Fred Phelp's family or Scientology)...bring me my tinfoil hat.

raptures330
raptures330

Ever since the PSN thing have you noticed how all companies state this after: "The publisher characterized the breach as "extremely limited," saying only a small percentage of the accounts were impacted." Or something very similar? The only real danger that comes from these 18,000 accounts having their info accessed is if these people reuse their passwords everywhere with the same email. Which is possible. Good luck to them. PS LulzSec To "celebrate" their 1000th tweet they have released a pretty srs (for them) statement on what they are doing. They have also sent a message to Sega telling them that they will go after whoever attacked them (its been attacked obviously) since they like the dreamcast too much. Tidbit: "We've been entertaining you 1000 times with 140 characters or less, and we'll continue creating things that are exciting and new until we're brought to justice, which we might well be. But you know, we just don't give a living f***" Full statement: Warning "swear" words used freely. If you don't like swearing, don't go there. http://pastebin.com/HZtH523f PS 2 They have also uploaded the 62k emails and passwords in text format. For the paranoid people you might want to go there and CTRL+F yourself. Just in case.

raptures330
raptures330

@method115 They release info in bulk. 62k emails and passwords released into the wild the the day before last. Before that a huge number more from prawn sites. @Frame_Dragger They DDoS the CIA not hacked. Senate.gov got some info stolen but according to reports it would be the same as stealing the laundry list, grocery list, and unimportant conversations. People are combing through it in case some idiot was emailing sensitive info (which they shouldn't). @SolidTY Things have changed a lot since the original Anon DDoS of PSN. It is also a different group with a different aim than before. You cannot lump all hackers together just as you cannot lump all gamers together. We are all not fat, basement dwelling, back pimpled, mouth breathing, asocial, action figure collecting men wearing a Boba Fett helmets. Are we? *readjusts visor*

jhonel83
jhonel83

@dstv, Facebook? get real, who cares about that? you don't post real information on socialization sites, do you? All they could see there is some pictures with me butt naked while drunk. And I don't care about that. More on the actual subject -I disagree with posting every single hack attack and making such a big deal of it. It only encourages their ego and gives them satisfaction

Ex-DarkBlade
Ex-DarkBlade

I wish I could pay a hacker to hack these losers and post their personal information on a website.

devrindare
devrindare

hahahaha................this is crazy. Maybe a hacking season is going on.

Frosty192
Frosty192

Yay more worthless scumbags that have nothing better to do. Get a job.

nosferatu94
nosferatu94

what the hell is this? a hackerthon?! if these guys wanna hack some serious sh*t why not go hack darpa or the pentagon. this is just nuts.

gwailo2470
gwailo2470

Of course they would classify is at highly sophisticated. Makes you look bad otherwise. And I believe hacking is inherently illegal, otherwise its just called logging on.

mergulho456
mergulho456

@emperiox Of course it is. If you ask someone to kill another person, it's a crime. Your an accomplice and your planning the murder. In this case, hack attempt.

The_CJ_Dude
The_CJ_Dude

So... Sony had to go through humiliation for something that was not entirely their fault, then suddenly everyone is getting hacked. Karma's a b****.

cjf187x
cjf187x

@method115 So then why do it? Why take that data, or hack them in the first place. @spykiller I'm surprised they haven't gone after Microsoft yet...I could only imagine what would happen if they did.