Close
Report Comment to a Moderator Our Moderators review all comments for abusive and offensive language, and ensure comments are from Verified Users only.
Please report a comment only if you feel it requires our urgent attention.
I understand, report it. Cancel

Codemasters latest to suffer from hacked data

Thu 26 May 2011 1:08pm GMT / 9:08am EDT / 6:08am PDT
Publishing

Site shut down and security hole closed after admin details stolen

Codemasters

Taken from MobyGames.com:

Codemasters develops and publishes video games for Sony, Nintendo and Microsoft...

codemasters.com

UK publisher Codemasters has become the latest games company to suffer at the hands of hackers, following high-profile attacks on Sony and Square Enix.

The Dirt and Operation Flashpoint publisher told GamesIndustry.biz it moved quickly when it discovered password and login data for Codemasters.com had been compromised and posted online.

"On Friday 20th, there was an attempt to gain administrative access to the Codemasters.com website. This admin access may have allowed alterations to our company website.

"We responded swiftly with a full investigation to isolate the issue, bringing down Codemasters.com for a few hours to ensure no access would be possible, and returned the website after a security hole was closed. While some staff admin names were obtained, passwords were all encrypted."

"Our online team take security of user data very seriously and we are reviewing all of our websites and systems to ensure we are as safe as possible, especially as many games companies have been popular targets for this sort of activity recently."

As well as the high-profile PSN breach at Sony, which is expected to cost the company in the region of $170 million, Square Enix also fell victim to a hacking attack last month, with email addresses and CVs compromised.

12 Comments

James Prendergast Research Chemist

735 432 0.6
I'm thinking of starting a pools draw for which company/website will be hacked next and/or when.

(This has the double advantage of if someone is too precise they might have their identities forwarded to some authority for further consideration ;) )

Posted:3 years ago

#1

Stephen McCarthy Studying Games Technology, Kingston University

205 0 0.0
I calling bioware next...

Posted:3 years ago

#2
Let's play a drinking game- every time a website is hacked, we have a shot of some high percentage alcoholic drink. We'll be stoned in absolutely no time.

Posted:3 years ago

#3

Andrew Ihegbu Studying Bsc Commercial Music, University of Westminster

462 172 0.4
Someone realised after PSN just how vulnerable this industry is, now the floodgates have opened!

Posted:3 years ago

#4
Maybe the actions of some people pissed at Codemasters because of the Dirt 3 - PS problems?

Posted:3 years ago

#5

Shane Sweeney Academic

396 408 1.0
Its not just that. There is a bit of a war going on, the groups on the darknets are infighting and a lot of groups are attacking each other too. Getting information on it is hard as a lot of central hubs where people usually talk about these issues are also down.

Posted:3 years ago

#6

robert troughton UK General Manager, Epic Games

222 96 0.4
According to The Hacker News, there were actually 2.5million accounts found here... though passwords were encrypted. They have a screenshot showing some of the CodeMasters.com emails on their site...

This is a little different from what I've read about the Sony hack. The reason, I believe, that Sony are getting hit so hard at the moment is that Anonymous, who were annoyed about the whole George Hotz and OtherOS issues, have stated that they want small Sony sites taken down as part of a "recruitment drive"... so it's a little like viral hacking - having enough newbie hackers chipping away at Sony sites will eventually show up the cracks... then, on top of this, the media furore surrounding this gives hackers easy ways to become famous. Taking down a Sony Music site isn't a bigger thing than hacking into CodeMasters' - but the former will be much more likely to be featured on the big news sites at the moment.

If anyone wants to know exactly how badly protected many websites are I strongly suggest looking up "The Hacker News" ... just Google "THN the hacker news". Just yesterday there was some alarming news, for example, for those using vBulletin 4.x versions - an easily exploitable security hole... vBulletin released a security patch - but I doubt many will update fast enough. Older versions of vBulletin had, of course, even more security issues... Atari, as an example, are still on 3.6.8: http://forums.atari.com/ ... and all that it takes to find this information out is a Google search - "Powered by vBulletin 3" ... scary.

The fact is, though, these hacks were happening all the time - people are only noticing now because the PSN hack was an absolutely massive "win" for the hackers... followed up by another with the SOE site. Hopefully people, globally, will learn something from all of this...

Edited 1 times. Last edit by robert troughton on 27th May 2011 7:09am

Posted:3 years ago

#7

Björn Loesing Producer, OnnetCorp

16 0 0.0
BioWare/EA are my next bet, too.

I'm still saddened but unsurprised at the sheer amount of happy net-vandalism some individuals enjoy.

Posted:3 years ago

#8

gi biz ;,pgc.eu

341 51 0.1
Security in the games industry has never been a priority. Many supposedly secure websites are still vulnerable to SQL injection and other amenities, imagine how open an industry that doesn't care as much about security is. And yet, now that you have to subscribe for every game, companies became valuable data mines. Aside of vengeance and fame, data mining is a major business, I wouldn't be surprised to discover that those hackers are being paid from someone, for example.
Is it time to realize that the era of the SNes is over and that putting some effort into security - and I don't mean DRM, I said SECURITY - is due? Didn't the excellent Wipeout on PSP, or Lumines or what else, allow a major hack to the whole system because of lack of security? Let me guess - they used the old string.h functions?

Posted:3 years ago

#9

Shane Sweeney Academic

396 408 1.0
Indeed, the company I work for is currently hiring Penetration testers for our internal systems. Security consultants the world over must be doing very well out of this.

Posted:3 years ago

#10

James Butterworth IT Hardware & Software

24 1 0.0
Not surprised this has happened to CM after the way they treat paying customers. Bought Race Driver 3 on launch and the protection system didn't work when Win 7 came out. Codemasters flatly refused to support Win 7 and said major programming changes were needed to make it compatible.

That was bullshit, as it was only the protection system that needed upgrading, which Starforce had done. It needed to be patched into the game by CM which they didn't want to do. I ended up using a No-DVD crack and Starforce remover to bypass the protection system. It runs fine now, and I no longer buy CodeMasters software. They don't give a shit about me when I pay for their software, I don't care when they're hacked. No wonder piracy is so damn rife in PC gaming with developer attitudes like that.

Posted:3 years ago

#11

Jeffrey Kesselman CTO, Nphos

112 0 0.0
Game developer s have been too complacent for too long about online security. Its just.that simple
. Building secure online systems is a science but its not rocket science.

Posted:3 years ago

#12

Login or register to post

Take part in the GamesIndustry community

Register now