Close
Report Comment to a Moderator Our Moderators review all comments for abusive and offensive language, and ensure comments are from Verified Users only.
Please report a comment only if you feel it requires our urgent attention.
I understand, report it. Cancel

Retail

Update: GAME refutes hacking claims - says no breach took place

Mon 16 Jan 2012 3:03pm GMT / 10:03am EST / 7:03am PST
RetailSecurity

Retailer also says all customer details are "well protected"

UPDATE

GAME has responded to reports that its customer data had been compromised, denying that any security breach has taken place and refuting the claim that unhashed passwords and emails are stored in its databases.

GAME spokesperson Anna Marie Mason issued a statement which denies the rumours of the breach in no uncertain terms, reassuring users that details are safe.

"At GAME we guard our customers' details very carefully," reads the statement.

"We have thoroughly investigated the hacking claims made today by the website Pastebin, and can confirm that they are entirely false. The published email addresses are not registered users of GAME.co.uk, and there has been no breach of our database security.

"We would like to assure all our customers that their details are well protected, and advise anyone who has any questions to contact our customer services team via the website, our Facebook page or Twitter account."

Original Story

GAME's UK site has reportedly been hacked, with the offenders obtaining access to a database which revealed unhashed passwords and email addresses.

Reported via Softpedia, the attack is said to have exploited a shell injection vulnerability to breach the database.

At a similar time, Tasmanian game retailer Catalyst Gaming had its defenses bypassed, with the stolen information being posted at Pastebin shortly afterwards. Usernames and emails were printed verbatim, but passwords for the site were hashed.

Anyone with an account at either site is recommended to change their login details immediately and revise any passwords which are used elsewhere.

GAME has been approached for a statement regarding the attack.

12 Comments

Jason Pullara Podcaster

28 70 2.5
I think GAME ought to be approached for a statement on why in the living fuck were their passwords not salted and hashed.

Posted:2 years ago

#1

Alan Pierce Programmer, Digital Delight

63 19 0.3
There is absolutely no excuse for having plaintext passwords in the database. What a disgrace.

Posted:2 years ago

#2
oh dear! but seriously this is a bit of a indefensible non compliant breach of user data

Posted:2 years ago

#3

Kingman Cheng Illustrator and Animator

954 182 0.2
Oh dear God. : /

Posted:2 years ago

#4

Rodney Smith Developer

81 40 0.5
Shocking! I've asked for my account to be removed.

Posted:2 years ago

#5

Terence Gage Freelance writer

1,288 120 0.1
I've changed my password and deleted my debit card details anyway - hopefully it's not true, but no harm in being careful.

Posted:2 years ago

#6

Kingman Cheng Illustrator and Animator

954 182 0.2
Yeah I took precautionary measures too Terence. But looks like apparently they weren't hacked.

Posted:2 years ago

#7

Sean Warren Inspector

34 0 0.0
Imagine that...

Posted:2 years ago

#8

Leo Wakelin QA Tester, Zoonou

24 4 0.2
People actually register to the Game website? Well I'll be :3

Posted:2 years ago

#9
Their prices are as ridiculous online as they are instore, they will be in administration within the next 3 years, just another retailer that's going down the drain.

Edited 1 times. Last edit by James Wilshaw on 17th January 2012 5:25pm

Posted:2 years ago

#10

Andrew Jakobs Lead Programmer

239 98 0.4
@James Wilshaw: utter BS, their prices are the same as other webshops, I've ordered more than enough from them at low prices which weren't available at other sites at those specified moments.

Even though this SEEMS like a hoax, hackers who do stuff like that and also put stuff like that into the public should be investigated and locked up for the rest of their lives (I even have some other things in mind for morons like that)..

Posted:2 years ago

#11

Rodney Smith Developer

81 40 0.5
[link url=http://www.game.co.uk/wcsstore/holding_page/game/index.html?storeId=10151
]http://www.game.co.uk/wcsstore/holding_p...[/link]

Maintenance work after a hack that never happened... seems suspicious

Posted:2 years ago

#12

Login or register to post

Take part in the GamesIndustry community

Register now