Gaming Site Breach Affects 8 MillionUsernames, Encrypted Passwords Posted Online
A four-month-old data breach affecting gaming site Gamigo recently led to 8 million e-mail addresses and encrypted passwords being posted online.
As a result of an attack in March, usernames, e-mail addresses and encrypted passwords were recently posted to InsidePro, an online password forum; they were subsequently removed. The information was taken from an older database by unauthorized intruders, says Dennis Hartmann, public relations manager at Gamigo. "As far as we can tell, the published records contained no new data."
Forbes reports that 8 million accounts could be affected by the breach. But Gamigo couldn't confirm the number of accounts compromised because it didn't have a chance to download the file published to the forum, Hartmann explains.
At the time of the breach in March, Gamigo notified all its users and reset their passwords. The company also took the hacked database offline and reviewed the company's IT security policies.
Other efforts include removal of a portion of the company's offerings from the Internet, notification to relevant civil authorities and a clarification of the ensuing legal questions, Hartmann says.
"The republication of the stolen data serves as a strong reminder of the need for vigilance and ongoing critical review of our procedures and policies," he adds.