DayZ’s forums were hacked back in January

    
4

DayZ developer Bohemia Interactive told users last night that its forums had been hacked. Actually, it was hacked well over a week ago, which it obliquely referred to on Twitter, but last night was the first full confirmation of the “security incident” and what precisely was taken.

“According to our investigation all usernames, emails and passwords from forums.dayzgame.com were accessed and downloaded by hackers,” says the company. “While the passwords were not stored in plain text, but in a more secure form, it is highly recommended that if you have used the same password elsewhere you change it immediately on all applicable websites and services.”

Bohemia says it’s replacing the forum login system with a new Bohemia Account system. In the meantime, time to change your passwords.

Source: Reddit via VG
Advertisement

No posts to display

newest oldest most liked
Subscribe to:
paragonlostinspace
Guest
paragonlostinspace

I don’t see mention of encrypted and salted customer passwords and other account information.  Idiots

RagnarTheDrunk
Guest
RagnarTheDrunk

TonySan RagnarTheDrunk
I respectfully disagree. Any script kiddie can “hack” a site. 

The time and horsepower needed to break encryption is nothing to laugh at. There’s a reason the NSA and FBI are demonizing encryption all over the media right now and trying to get it removed from our phones. The time and expense pretty involved in cracking encryption much renders the data useless. 

Furthermore, the difficulty of the crack relies more on your choice of password than anything else. My typical 10 character password clocks cracking in at ~19 centuries for an Online attack scenario, ~19 years for an Offline Fast Attack scenario and 1 week – dedicated to just my 1 password, no one elses – using a Massive Cracking Array scenario (Assuming one hundred trillion guesses per second). This is definitely not worth the effort for a MMO password. Probably not even for my banking password.

A little encryption goes a long, long way.

Check it out for yourself here: https://www.grc.com/haystack.htm

TonySan
Guest
TonySan

RagnarTheDrunk Not like it really matters. Anyone that can hack a site can get through a bit of encryption.

RagnarTheDrunk
Guest
RagnarTheDrunk

“While the passwords were not stored in plain text, but in a more secure form”

Ummm… what? 
I think the positive version of this statement would be “the passwords were encrypted”… but they didn’t say that, so what do they mean by “not stored in plain text”? Not in a .txt file, but text in a mySQL DB?