War Z hacked

Controversial zombie-shooter taken offline after hackers gain access to database with passwords, email addresses, more.

The War Z has been taken offline after hackers have gained access to the controversial zombie-shooter's forums and game databases, publisher OP Productions has confirmed.

Player passwords, email addresses, IP addresses, and any other information posted to the forums has been exposed. Payment information is not at risk, as all transactions take place through a third-party, OP Productions said in a statement.

"We are sorry to report that we have discovered that hackers gained access to our forum and game databases and the player data in those databases. We have launched a thorough investigation covering our entire system to determine the scope of the intrusion," the company said. "This investigation is ongoing and is our top priority. As part of the remediation and security enhancement process we will be taking the game and forums down temporarily."

It was not mentioned when the intrusion was first discovered.

OP Productions said all War Z game and forum passwords are encrypted, but that did not keep the hackers from accessing the data.

"There is a possibility that simple passwords can be obtained using brute force even if they are encrypted," reads a line from the statement. "Our research shows that many users are not using strong passwords."

The company urged all players to change their passwords immediately by visiting the War Z website or through the game launcher.

OP Productions is working with "outside experts and investigators" to help with the ongoing investigation and said it has committed "substantial resources" to that end.

"We are undertaking a full review and update of our servers and the services we use and adding additional security mechanisms," the company said. "In addition to this post, we are emailing all of our players just to make certain that everyone is informed and has been advised to change their passwords."

"This has been a humbling experience for us. While we all know that there is no guarantee of security on the Internet, our goal is to try our very best to protect your data. We sincerely apologize," the statement goes on. "We will update you on status as we make progress."

The War Z launched on Steam in December and was pulled just a day after release, after users reported numerous issues. Valve called its decision to originally publish the game a "mistake." The game was reinstated on Steam in late February.

Written By

Want the latest news about Infestation: Survivor Stories (The War Z)?

Infestation: Survivor Stories (The War Z)

Infestation: Survivor Stories (The War Z)

Discussion

309 comments
ibgrl
ibgrl

I know many people who use a Hack from Damncheaters.com and never been banned!! shouldn't they have a good anticheat software to detect this kind of Hacks?

KanameGaming
KanameGaming

That should just stop work on this game its just a massive troll for the producers its terrible. they should just give up on it and shut it down. 

kidbu3
kidbu3

oooooooooooooooooooooooooooooook

sting5
sting5

Damn another loss to publisher... Developers of this game are really unlucky, first articles about trying to "steal money" from players, now this... Feel sorry for them...

SinisterVin123
SinisterVin123

this is what happens when a company like hammerpoint exploits and mistreats their users... if anything the community turned on them pretty hard.. but i don't think this was an attack on the players but rather the company... 

so to all fans of the war z i expect they only wanted to get the server files so private servers could be created for free on personal computers.. i hope this is the case because i'd love to have my own server and after xsolla (their third party money handler) screwed me over for 15 days (tomorrow is the 15th day) i don't really want to buy anymore GC for server rentals

lets hope the server emulation software comes out soon

Dante0611
Dante0611

So glad i didn't touched this train wreck of a "game", well not really a game a failure alpha experiment to be more accurate, now to wait for the fanboys to flame me. woot!!!

AmnesiaHaze
AmnesiaHaze

i rather play walking dead survival instinct , the game is better and im on the safe side with my personal data :D

nomadski69
nomadski69

"Our research shows that many users are not using strong passwords." 

 My research shows your company isnt using strong enough server protection.

 So glad I skipped this one.

Namahsdrol
Namahsdrol

This game is rubbish. I say let the hackers in, perhaps they will make a few improvements!

AnyKeyz
AnyKeyz

Customers are pretty upset due to the fact that their names may go public and everybody will know they paid for this game.

_Roo_
_Roo_

Who would have thought that a game would come out that made Duke Nukem Forever look like a great game.  

What a disaster.  Maybe the hackers can fix the game.

yellosnolvr
yellosnolvr

at least this affects only like 5 people

baskedragon
baskedragon

This game is piece of shit , it should be F2P and even then no one would play it .

AzatiS
AzatiS

Is there any human on this planet playing this crap ?

KaSeRRoR
KaSeRRoR

: having flashbacks of the PS3 hack... : I wouldn't be surprised if they got a hold of credit information... I would cancel anything I used for payment for anything I had purchased as well... So unfortunate...

>=)

ggregd
ggregd

They use microtransactions, so do they store people's credit card information?  Was that information taken by the hackers?  I wouldn't put it past these jagaloons to forget to mention that to their "valued customers."  I would cancel any credit card I used to buy anything from them.

BLKCrystilMage
BLKCrystilMage

Maybe the hackers can fool around with the code so the game is actually playable.

sadeed
sadeed

Duuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuh!!!

s5s5stan
s5s5stan

Dude Eddie, you're always reporting on the best gaming related articles that I've seen so far from staff on here. Always the most interesting stories. Keep up the great work!

Techn1c4l
Techn1c4l

The title should be "War Z brought to justice".

HKILLER88888
HKILLER88888

"oopsy daisy!Looks like our game data base and forums has been hacked and all the players information,account passwords,progress of the players and everything is up in the air!but this isn't because of our lack of security and laziness or poor fire wall protection,it's because you dear users don't have strong passwords on your accounts.we don't promise your account and info back.we might delete the corrupted data so many of you might be back to square 1 with no item or money or maybe have to buy the game again and make a new account!yet you might wanna change the password of your useless stolen account through our site!good day!"
P.S: we are NOT sorry!

dalua360
dalua360

double post: This is for all the gamers that are complaining about their hacked accounts:

The customers that bought and played this game are f*ck*ng idiots before anything, because they bought a game that shouldn't be on Market, a poor copy of a MOD, a stolen idea, a rushed development to steal the uninformed gamers ! If some suspicious black market guy comes to you and offers you to open a digital bank account, would you put your Money in there????? YOU are the only ones to blame, the gamers that trusted on a thieve ! You all got what you deserved! Next time, put some thinking before throwing your money and personal data into some minor developer server ! Sony was hacked and they had tons of money to make things right... now go after the War Z devs and ask them to mitigate the situation like Sony did, hahahahahaha, they can't even track these guys !

There are gamers that don't even buy certain games due to moral values or loyalty to the series, for example, I heard many gamers didn't buy DMC because of the original Dante, there are some players saying they won't buy MGS5 without the original voice..... those are only examples, but WHY everyone was there to buy War Z even though all the controversy ? Now reap what you sow.....

CKeenan07
CKeenan07

Hackers are d-bags and War Z devs are even bigger d-bags, so this works itself out somehow.

Lu_Shen
Lu_Shen

Omg, that game looks soooo terrible and unpolished.

dalua360
dalua360

It was the development team from DAY Z that hacked War Z LOLOLOLOLOLOLOL

diabolik_023
diabolik_023

i am glad they took it down... and it should stay down till the devs will actually invest interest for gamers not to just make money with a broken product.


FUCK YOU War Z !

AlexFili
AlexFili

It's official, the developers who made "The War Z" are the worst game developers ever. Not only do they not care about making a fun game, they don't even care about security. (slow clap of shame)

moonlightwolf01
moonlightwolf01

So it turns out they can't even get security right on their stolen game idea design, honestly I feel sorry the players who have had details stolen but this shoddy mess of rip-off of someone else's game deserves all the unpleasantness it gets. I hope this is the final nail in the coffin for these thieves.

Ka3DX
Ka3DX

@nomadski69 They're actually blaming the players? that's pretty pathetic

eati7
eati7

@yellosnolvr 5 people who deserved it by giving their credit card details for micro-transactions in a game like this...

WarL0rdzz
WarL0rdzz

@AzatiS I stopped after a couple of day's of trying to play it...

eati7
eati7

@AzatiS Funny thing...i got here pretty much to post the exact same thing...he he...

dalua360
dalua360

@s5s5stan  @eddienoteddy  agree, most of GS staff forgot what is professional gaming journalism! I'm not sure if the lack of quality articles and impartial reviews are being influenced by publisher's sponsorship or the alienation of the kids, but we need a fix for that ! We need GS as a repository to find what is good or not, and for that, we need them to be professional like this guy !

ggregd
ggregd

@dalua360 You're blaming the victims just like Hammerpoint.  Well done!

smurfa1
smurfa1

@AlexFili While I agree there are numerous issues with this game and company and I don't like the game myself, you seriously should consider taking a internet security course or two. Actually every human would be good of doing it.

To start with, as stated, many players were using weak passwords. That is a consumer error. Secondly most consumers do not change it every now and then, another consumer error.

Now, should we consider internet safety, if you connect a system to internet, that system are to be considered breached sooner or later. The only time you can garantee that your system cannot be breached is if you NEVER ever connect it to the internet.

Finally, I guess Sony nevere cared about security either? My guess is that Hammerpoint did but loopholes always exist. 

dalua360
dalua360

@ggregd @dalua360 I don't care if Hammerpoint is doing or not what they should do, the point is: If you choose to be part of something, it's your responsibility! They chose to be Hammerpoint's customers, what they expected? Platinum service ? If you buy a Ferrari or a Rolls Royce you can be sure that if something happens they will teleport someone to help you instantly, but if you buy a $1000 car, what would you expect ? Not to mention that what they did was supporting a thieve, so..... their fault! I never said such thing about the clients that suffered from Sony's case, that alone can show my point of view and coherence!

dalua360
dalua360

@smurfa1 @AlexFili

Let's analyse your thoughts: First you said that it's partially the costumer's fault because they don't understand about internet security, then you blame Sony for not care about security ? A little incoherent uh ? Even though I agree that the internet itself will never be safe, there is an abyss between Sony's infrastructure and Hammerpoint. And even if all the users had the habit of using better passwords,I think that Hammerpoint can't fix the situation like Sony did ( or tried at least ), so, if we can't avoid using the internet, at least we need to put our trust ( personal data ) on trusted infrastructures, or better, on people who has sufficient money to fix the mess !

neofreak89
neofreak89

@dalua360 @ggregd  Umm i bought the game just because i had a tiny bit of faith... i didnt want it to suck so i gave it a chance, its not my fault it got hacked and its not our fault for complaining when its the company that sucks. we dont deserve our info to be leaked so fuck you. I (just as much as everyone else) want this game to be run into the ground and i want a full refund with a personal written apology to everyone who bought this shitty game. How where we supposed to know this game would be this bad if we bought it giving it hope it wouldnt be? How where we supposed to know the site would be hacked? So before you be an asshole to people think before you type. Cheers. ya asshole.

smurfa1
smurfa1

@dalua360 Yes and no. You missunderstood me. I am not pointing on one certain individual or company. My statement about Sony was because AlexFili was stating that Hammerhead wasn't caring about security. With his sense of reasoning then we clearly can blame Sony for not caring about it either.

Honestly from what I can get from this article, Hammerhead at least encrypted their data which, "fun" fact, Sony didn't. They actually stored their data in plain text which is REALLY REALLY bad in safety aspects. In that Hammerhead actually did better than Sony. This is the reason to have a strong password, it will be much harder to bruteforce if your password are twelve characters instead of eight and adding some special characters may render bruteforcing hash-tables unusable.

Now of course Sony did a thourough investigation and upgraded their systems to counter this type of intrusions, at least after they got hacked again within a week. And yes they most likely have better people since their system is way more complex than Hammerhead.

I just wanted to point out that just because you are a major company doesn't mean you do things better. And likewise just because you are a small Company with a bad game doesn't mean you don't care about something, in this case safety.

Can take another example if you want, Pentagon doesn't have their sensitive data servers connected to the internet for a reason, because it will get hacked. This isn't just as relevant.