Codemasters Site hacked

humanji · 10-06-2011 2:43pm #1

I just got an email saying that last Friday (3rd) the Codemasters site was hacked. The hackers apparently went for the Dirt 3 VIP redemption code section, the estore and their database.

They don't store any payment information, so there's no fear of that going missing, but account names, passwords, personal details, xbox Live gamertags and stuff like that, may have been compromised.

At the moment the Codemasters site is down and will remain down until they sort it out, and if you use their site, change your password first chance you get.

richymcdermott · 10-06-2011 2:50pm

Carol555 · 10-06-2011 3:09pm

Got the same email. Ah well, the hackers won't learn anything new from my Codemasters data, they have it all after hacking Playstation network

.

ShadowHearth · 11-06-2011 12:10pm

Hmmmm it's funny: hackers don't need to hack Microsoft to get the hands on all xbox gamertags and personal info lol.

Benzino · 11-06-2011 12:46pm

Epic games website was also hacked, got an email today about that. Passwords were encrypted though.

calex71 · 11-06-2011 12:47pm

ShadowHearth wrote: »

Hmmmm it's funny: hackers don't need to hack Microsoft to get the hands on all xbox gamertags and personal info lol.

Yup, and the amount off people who use the same login info for both sites and their personal email would be alarming I bet, while not getting access to payment info here directly i'm sure there's more than a few accounts they can use to compromise xbox live account and payment info :eek:

They should be teaching this stuff (e security and best practice etc.) to kids at school these days imo

ShadowHearth · 11-06-2011 4:42pm

I newer ever like idea of email as your log in name. It makes job way easier for hackers. You got email you for more or less entry to all victims things...

PogMoThoin · 11-06-2011 5:41pm

https://lastpass.com/
I use the chrome addon and I cannot recommend this highly enough. I have one master password for my Lastpass and my email, all others are completely randomly generated, I've no idea what they are, Lastpass logs me in and stores them safely. I can get access to them from any pc, I even have the Lastpass addon logging me in on the Dolphin Browser on my Android phone.

Next tip is to have a spam mail, an email address just for sites you expect may be vulnerable or to spam you.

irish_whiskey · 13-06-2011 1:50pm

So what exactly started all this hacking business? Is it really because Sony tried to clamp down on people hacking the PS3?

Stev_o · 13-06-2011 7:05pm

irish_whiskey wrote: »

So what exactly started all this hacking business? Is it really because Sony tried to clamp down on people hacking the PS3?

It's a group called LulzSec who are at the moment targeting anyone they see fit. They are currently calling out Bethesda saying they have hacked their website and compromised their user database.

Potential-Monke · 13-06-2011 7:25pm

They must be well proud of themselves, hacking the same companies that i'm sure brought them so much enjoyment. ****ing hate these people, i've no problem if someone wants to hack a site to show vulnerability, but deliberately taking the information the way they are, it's hurting us gamers, no one else. These little children would want to grow up.

moomooman · 13-06-2011 7:33pm

I contacted Codemasters after getting their email, but they cant tell me what my password was, long time since I used it. So I dont know if other accounts are now compromised.

All in all its the same I've come to expect from Codemasters

dlofnep · 13-06-2011 7:35pm

Benzino wrote: »

Epic games website was also hacked, got an email today about that. Passwords were encrypted though.

It's irrelevant if they were encrypted. If your password was weak, and short, or both - then any common hash like MD5 would be ripped apart in seconds to minutes.

PogMoThoin · 13-06-2011 7:59pm

dlofnep wrote: »

It's irrelevant if they were encrypted. If your password was weak, and short, or both - then any common hash like MD5 would be ripped apart in seconds to minutes.

Yes, and they don't need to un-encrypt it, most websites use similar encryption so having the hash of your password gives them access in other places if they use the same encryption and you used identical passwords. The bigger their database of hashes, the more valuable it becomes. Its just so foolish for anyone to use the same password everywhere, but many still do. People don't cop on till its too late

irish_whiskey · 14-06-2011 12:16pm

So they are just doing this to prove a point or just to cause hassle? I say fair play, its a great way to get companys off their arses and start looking after the users and that we are not just another number

CORaven · 14-06-2011 1:20pm

irish_whiskey wrote: »

So they are just doing this to prove a point or just to cause hassle? I say fair play, its a great way to get companys off their arses and start looking after the users and that we are not just another number

Please explain how breaching a company's database and high jacking customer information is beneficial to the consumer?
Any company that experiences these attacks will incur costs that they will pass on to the customer. How does this motivate the firm?

Gonzovision · 14-06-2011 6:14pm

Escapist magazine and Eve Online have been hit today

Stev_o · 14-06-2011 6:37pm

Angering the Eve community is a biiiiiiiiiiiiiiiiiiiiiiig mistake.

Sierra Oscar · 14-06-2011 7:00pm

This is getting ridiculous. :mad:

CORaven · 14-06-2011 7:06pm

Minecraft too...

Stev_o · 14-06-2011 8:46pm

League of Legends taken down now.

jaykhunter · 14-06-2011 8:52pm

Hacking for the sake of hacking (i.e. no benefit to anyone, not championing a cause) is just f**king annoying. I bet these same assholes think they're martyrs and changing the world and being revolutionary but they're actually just collossal pricks.

Coriolanus · 14-06-2011 9:51pm

Stev_o wrote: »

Angering the Eve community is a biiiiiiiiiiiiiiiiiiiiiiig mistake.

The TitanDOT ex-leader is claiming he asked them to do it since CCP banned him for RMT offenses.

Weepsie · 14-06-2011 9:54pm

sure the IMF were hit during the week

PogMoThoin · 14-06-2011 9:59pm

I'm all for it if it means people take their passwords more seriously and don't use the same one everywhere

Carol555 · 15-06-2011 10:29am

It doesn't look like random attacks anymore and I doubt that hackers' goal is purely to prove their skills. Credit card numbers and PIDs are much more valuable.

It looks as simple as that to me:
1. Security was not taken seriously by some game companies
2. Somebody realised that and decided to take advantage

It is down to the nature of these companies (massive infrastructure, hard to manage and keep up to date), corporate culture (who cares, nobody will be held responsible) and cost cutting. Poor security will only become a problem when it actually hits the company where it hurts - the pocket, which is not the case with current regulations. If corporation was facing a big enough fine, loss of revenue or any other way of losing $$$, it would sort out the security very quickly, I'm sure. They are just not motivated enough.

Here's a very good reading on the topic: http://ilookbothways.com/2011/06/10/sony-%E2%80%93-hackers-new-favorite-playground-companies-must-step-up/

NTMK · 15-06-2011 10:32am

jaykhunter wrote: »

I bet these same assholes think they're martyrs and changing the world and being revolutionary but they're actually just collossal pricks.

They dont they are just acting the prick and they dont try and hide the fact lulzsec are just a bunch of attention seeking script kiddies

Codemasters Site hacked

Comments