User data stolen in Codemasters hack
"Customer names and addresses, email addresses, telephone numbers, encrypted passwords and order history"
Codemasters has revealed that it suffered a hacking attack on its websites last Friday. The extent of the data it believes was compromised during the attack includes personal information, Gamertags and encrypted password information.
An email sent today to all affected customers outlines the extent of the suspected data theft, alligning the attack with the rash of recent cyber-warfare against game-related companies.
"On Friday 3rd June, unauthorised entry was gained to our Codemasters.com website," begins the mail. "As soon as the intrusion was detected, we immediately took codemasters.com and associated web services offline in order to prevent any further intrusion.
"During the days since the attack we have conducted a thorough investigation in order to ascertain the extent and scope of the breach and have regrettably discovered that the intruder was able to gain access to the following:
Codemasters.com website
Access to the Codemasters corporate website and sub-domains.
DiRT 3 VIP code redemption page
Access to the DiRT 3 VIP code redemption page.
The Codemasters EStore
We believe the following have been compromised: Customer names and addresses, email addresses, telephone numbers, encrypted passwords and order history. Please note that no personal payment information was stored with Codemasters as we use external payment providers, meaning your payment details were not at risk from this intrusion.
Codemasters CodeM database
Members' names, usernames, screen names, email addresses, date of birth, encrypted passwords, newsletter preferences, any biographies entered by users, details of last site activity, IP addresses and Xbox Live Gamertags are all believed to have been compromised.
Whilst we do not have confirmation that any of this data was actually downloaded onto an external device, we have to assume that, as access was gained, all of these details were compromised and/or stolen.
The Codemasters.com website will remain offline for the foreseeable future with all Codemasters.com traffic re-directed to the Codemasters Facebook page instead. A new website will launch later in the year."
The mail then warns customers to change any logins and passwords which share data with Codemasters accounts and beware any emails or phone calls requesting personal information.