Windows 7 Eidos and Deus Ex sites hacked, 80,000 users’ data stolen

reghakr

Essential Member
Joined
Jan 26, 2009
Location
Erie, PA
eidos.jpg


The Deus Ex site and Eidos.com were defaced and taken down yesterday when a splinter group of the hacker organisation Anonymous broke through Square Enix security to steal the personal data of more than 80,000 registered users.

According to IRC chat logs of the hackers’ conversations unearthed by Krebs On Security, they plan to release the information on file sharing networks, and are recorded discussing whether to release the “src” as well. It’s unclear whether they mean the website source code, or that of one of Eidos’ games

hacked.jpg


Visitors to DeusEx.com logging on to the site yesterday will have seen the above message, left by the hackers after the attack. According to the hackers’ IRC chat logs, the names credited with the hack belong to a series of Anonymous members disliked by the real culprits, evo and @n. It’s unclear whether the attack had a real purpose, but the outcome could have been worse than data theft, as his excerpt from the hacker chat suggests. Krebs On Security have the rest of the chat log here.

[16:07] evo: one thing that would be funny
[16:07] evo: i write a nasty virus
[16:07] evo: that will bsod on startup
[16:07] evo: **** up all your drivers
[16:07] evo: delete tons of files
[16:07] evo: forkbom on start
[16:07] evo: etc
[16:08] evo: we put that in an exploit kit
[16:08] evo: on the main page
[16:08] evo: there security will be responsible
[16:08] evo: for like
[16:08] evo: thousands of ****ed up computers
[16:08] evo: and it would make the news

Square Enix hasn’t yet commented on the hack, which also saw 9,000 resumes stolen. The affected sites are now back up. If you are a registered user at Eidos.com or Deus Ex, it might be a good idea to change your passwords.

Anonymous have also been implicated by Sony in the recent attack on the Sony Online Entertainment and Playstation networks. The hacking group denied responsibility, but has suffered from infighting in the past few weeks. Anonymous veterans have told The Financial Times that it’s likely that the attacks were committed by rogue members of the organisation.

“If you say you are Anonymous, and do something as Anonymous, then Anonymous did it,” one member told the FT, “Just because the rest of Anonymous might not agree with it, doesn’t mean Anonymous didn’t do it.”

The attack is another blow to Square Enix, who recently amended their financial reports in the aftermath of the Japan earthquake to reflect the “extraordinary loss” the company has suffered. The company made a loss of $148 million/£90.6 million in the last year, with sales down 35%.

Source: Eidos and Deus Ex sites hacked, 80,000 users’ data stolen | PC Gamer
 
Eidos has revealed that resumes of job hunters and email addresses of video game fans have been stolen by hackers in an attack on the Eidos and "Deus Ex: Human Revolution" websites.

deux-ex-170.jpg


Square Enix, the parent company of Eidos, confirmed the hack in a PDF press release. (Why do companies publish their press releases as PDFs, anyway? That's just daft.)

Here's part of the statement from Square Enix:

Square Enix can confirm a group of hackers gained access to parts of our Eidosmontreal.com website as well as two of our product sites. We immediately took the sites offline to assess how this had happened and what had been accessed, then took further measures to increase the security of these and all of our websites, before allowing the sites to go live again.

Eidosmontreal.com does not hold any credit card information or code data, however there are resumes which are submitted to the website by people interested in jobs at the studio. Regrettably up to 350 of these resumes may have been accessed, and we are in the process of writing to each of the individuals who may have been affected to offer our sincere apologies for this situation. In addition, we have also discovered that up to 25,000 email addresses were obtained as a result of this breach. These email addresses are not linked to any additional personal information. They were site registration email addresses provided to us for users to receive product information updates.



There are two main risks here.

One threat is that if your email address is one of the 25,000 that has been stolen, you could receive a scam email (perhaps containing a malicious link or attached Trojan horse) that pretends to come from a video game company. After all, the hackers know that you're interested enough in video games to give your email address to Eidos.

Secondly, the resumes from job hunters. This is a more serious problem. Just think of all the personal information you include on your CV: full name, date of birth, email and home address, telephone number, job history. This kind of information is a god-send to identity thieves interested in defrauding internet users.

So, it seems Sony is not the only video game company to be having problems with its computer security.

Lets hope the continuing stream of stories of companies having customer data stolen from them makes them take security more seriously in the future.


More Eidos confirms website hack, email addresses and resumes stolen | Naked Security
 
Anonymous hacks Eidos and Deus Ex: Human Revolution

Who hacks the hackers?


A SPLINTER GROUP from the online hacktivists collective Anonymous has been blamed for taking down the Eidos website and Square Enix's upcoming Deus Ex: Human Revolution game web site.

For a few hours yesterday both web sites were taken offline after being defaced the day before with the text, "Owned by Chippy1337". According to the web site Krebsonsecurity, the hackers also plundered user data from 80,000 registered users and posted their online names on the web sites.

anonymous-1.jpg



But why would Anonymous members post their own hack handles on both web sites for the world to see? Well, it seems that the hacking collective known as Anonymous, which Sony has also accused of taking down its still offline Playstation Network (PSN), has had some infighting amongst its members.

This led to hackers hacking other hackers and the Anonymous operations web site itself came under attack. Earlier this week the web site was defaced with swearing and the hackers posted the personal information and IP addresses of over 500 Anonymous members that they accused of taking down Sony's PSN.

Assuming it wasn't a rogue Sony employee mounting a revenge attack, it looks like the once harmoniously amorphous collective known as Anonymous is beginning to crack. Apparently, the Anonops Internet chat servers are aflame with rivalry and accusations between old and new Anonymous members. You can enjoy some of the not so friendly forum banter at Link Removed - Invalid URL.

Square Enix sent out a statement today to say that Eidosmontreal.com was hacked but that it didn't hold any credit card information or code. The only things that was pilfered were 350 resumes held on its servers.

But there has been no word from either the hackers or Square Enix about why they choose Eidos and the highly anticipated Deus Ex: Human Revolution game to attack.

Read more: Anonymous hacks eidos and deus ex: human revolution- The Inquirer
 
Back
Top Bottom