Unity forums hacked

Engine maker blames poorly implemented password routines, says it will roll out two-factor authentication in coming weeks

Unity today confirmed its forums were targeted by hackers over the weekend.

"On April 30, our public forum website was attacked and successfully compromised due to poorly implemented password routines; our investigations show no theft of passwords in this attack, nor impact to any other Unity service," Unity director of security Andreas Haugsnes said in a post about the incident. "However, the attack did result in defacement of the site (which has since been fixed) and subsequent messaging to all of our registered forum users."

Haugsnes went on to detail new security features and policies the company will roll out in the coming weeks, including two-factor authentication for its services (including the forums), alerts to notify users when new devices log in with their account, and new requirements regarding passwords.

"We're sorry," Haugsnes said. "We know you put your trust in us. We will learn from our mistakes."

As for how the hack came to light, Unity users (including Hidden Folks developer Adriaan de Jongh) reported receiving emails from Unity's account in which a group called OurMine said it hacked the site and had access to a database of 2 million users. The email also recommended users change their passwords.

Related stories

Will Wright returns to game development with mobile title Proxi

The Sims creator working with Unity to find an artist for his first games project in almost a decade

By James Batchelor

Unity 2018 detailed in GDC keynote

Machine learning, new scriptable rendering pipelines and more VR support among the highlights

By James Batchelor

Latest comments (1)

Dariusz G. Jagielski Game Developer 10 months ago
There are very few times I'm glad that I'm banned on the UF. This is the one of those times.

0Sign inorRegisterto rate and reply

Sign in to contribute

Need an account? Register now.