Unity forums hacked

Engine maker blames poorly implemented password routines, says it will roll out two-factor authentication in coming weeks

Unity today confirmed its forums were targeted by hackers over the weekend.

"On April 30, our public forum website was attacked and successfully compromised due to poorly implemented password routines; our investigations show no theft of passwords in this attack, nor impact to any other Unity service," Unity director of security Andreas Haugsnes said in a post about the incident. "However, the attack did result in defacement of the site (which has since been fixed) and subsequent messaging to all of our registered forum users."

Haugsnes went on to detail new security features and policies the company will roll out in the coming weeks, including two-factor authentication for its services (including the forums), alerts to notify users when new devices log in with their account, and new requirements regarding passwords.

"We're sorry," Haugsnes said. "We know you put your trust in us. We will learn from our mistakes."

As for how the hack came to light, Unity users (including Hidden Folks developer Adriaan de Jongh) reported receiving emails from Unity's account in which a group called OurMine said it hacked the site and had access to a database of 2 million users. The email also recommended users change their passwords.

Related stories

Unity buys GAME's Multiplay Digital business for 19m

GAME bought the entire Multiplay division for 20m almost 3 years ago

By Christopher Dring

Unity opens Los Angeles office with Insomniac devs

Mike Acton and Andreas Fredriksson head up fresh efforts to advance data-oriented programming

By James Batchelor

Latest comments (1)

Dariusz G. Jagielski Game Developer 7 months ago
There are very few times I'm glad that I'm banned on the UF. This is the one of those times.

0Sign inorRegisterto rate and reply

Sign in to contribute

Need an account? Register now.