Today in Dickish Hackery: Bethesda Latest Victim of Personal Data Thieves

Anyone else really, really tired of hackers using game company websites as personal punching bags? After two grueling months of Sony's laborious effort to get its online systems back in order, various hacker collectives owning and disowning claims to a slew of targeted attacks, the US Congress getting involved, and no one being able to play SOCOM online, we thought maybe, just maybe, this whole debacle had finally come to a close.

But hey, of course it hasn't, because there are still hackers out there who are total assholes, and they still think it's really hilarious to hack into game company websites and steal their users' personal information.

In this case, it's the rogue sect of self-righteous chuckleheads known as LulzSec, or Lulz Security. These are the guys who have, most recently, hacked into the websites of Nintendo,Codemasters, and Epic Games, seemingly for no reason other than "because they can," and in some cases ganking large chunks of personal user data (though so far, no personal financial information).

The latest victim is Bethesda, whose official website for Brink was compromised over the weekend. Bethesda states that, once again, no credit card or other financial information was taken, but that some usernames, email addresses, and passwords may have been taken. As if things weren't bad enough when the Sony downtime prevented people from playing Brink online at launch, now this. Sheesh.

The LulzSec Twitter account, somewhere in between bouts of self-congratulation and complaints about their personal YouTube video stream speeds, states that they might not release any of the personal user info, but will definitely release some of the other company data extracted from Bethesda's servers.

No one seems entirely sure what, exactly, it is that has inspired LulzSec to go after company page after company page, but if the idea is to craft some kind of elaborate piece of hacking-based performance art comedy on the absurdly low security standards employed by publishers, for serious guys, we get it. I know it worked for Urkel for a while, but doing the same gag over and over and over again doesn't somehow make it more funny over time. After a while, it just starts to sound like insanity.

Not again, this has to stop. 

Mother fuckers.

bloody hell gamers can't catch a break

i think Giant Bomb is the next site to get hacked now because of Alex's comment in the post

NOT BETHESDA! 

Sooooooooooo when are they arrested?

This is just getting old. I can't wait until they get caught. It's only a matter of time.

@alex said:

Anyone else really, really tired of hackers using game company websites as personal punching bags?

Yes.

sigh...

This can't be people like Anonymous.
 
They are too nerdy not to like Bethesda.

The authorities should just hack them back.. as in hack off their hands so they'll forever be exempt from using a keyboard & mouse.

Scramble to protect Skyrim! 

Urgh. I don't care if LulzSec thinks a lot of companies security methods are lacking. It still doesn't give them the right to break into their databases and steal personal information.

Looks like gaming security as a whole is on the brink of total collapse! 
No its cool i'll show myself out.

Getting old and tired. It needs to end now.

These guys deserve to have their own security holes hacked, in the men's prison shower.
 
Love that alex can't get away from the definition of insanity joke. Twice or three times in the e3 overnight podcasts.

Far Cry 3 calls Lulzsec insane.

@Abyssfull said:

The authorities should just hack them back.. as in hack off their hands so they'll forever be exempt from using a keyboard & mouse.

Now I'm wondering if Sharīʿah covers computer crime.

The whole thing is getting really old and I feel that these hackers should be treated like the real criminals they are. They are not activists. They are immature brats that are trying to justify their actions.

Timothy Olyphant is trying to get our attention, guys.
 
We need Bruce Willis, pronto.

Not again, this has to stop. 

I like how they do something that isn't actually funny, and then say it was for the "lulz"

Timothy Olyphant is trying to get our attention, guys.  We need Bruce Willis, pronto.

Alex, your candor is admirable, but you may want to lay off the vitriol and name calling in your reporting.

Like it or not, 'Lulzsec' aren't script kiddies but actual blackhats, so in the (very, very) unlikely event they turn their sites on Giant Bomb, do you really want to be the one responsible for the Top Men having to waste their time defending against such an attack?

I'm not saying we should all cower in the corner for fear of what they might do next, but at the same time, baiting isn't going to help matters.

i think Giant Bomb is the next site to get hacked now because of Alex's comment in the post

Just like wikileaks!

Oh god, not the usernames, email addresses, and passwords! With those compromised, we are all screwed!

Hacking Bethesda's website is akin to a full-grown man punching an old lady.  Sure, you CAN do it but isn't it a bit beneath you to do so?

Just like wikileaks!

It wasn't even funny the first time it happened. I guess hackers have a weird sense of humor.

LulzSec is the MediaWhore division of Anonymous, you can be sure as long as articles like this are being posted about them, they'll continue to do exactly what they're doing.

Alex, your candor is admirable, but you may want to lay off the vitriol and name calling in your reporting.

Like it or not, 'Lulzsec' aren't script kiddies but actual blackhats, so in the (very, very) unlikely event they turn their sites on Giant Bomb, do you really want to be the one responsible for the Top Men having to waste their time defending against such an attack?

I'm not saying we should all cower in the corner for fear of what they might do next, but at the same time, baiting isn't going to help matters.

Man, I'd like to punch the shit out of some hackers right now, get a life you douche bags.

It cracks me up to think about grown men sitting behind their computers typing out things like "lulz" and "internets" with an inflated sense of self worth. What a fucking juxtaposition.

Just don't forget to wipe that Cheeto dust off your keyboard after all that epic winning.

They didn't end up including the information of 200,000+ Brink users, so that's one less thing to worry about. Still, here's their press release:

1. Greetings Internets,
   This is a story all about how we made Bethesda Softworks, ZeniMax
   Media, and everything they own, our bitch for life.
   As you should know, The Lulz Boat stores vast amounts of booty;
   much of this booty we don't release as it's simply too shiny and/or
   delicious. As of late, certain inferior sailing boats have discovered
   flaws in Brink (brinkthegame.com), thinking themselves exciting and new.
   Too late. The Lulz Boat controls this ocean, chumps.
   Some weeks ago, we smashed into Brink with our heavy artillery Lulz
   Cannons and decided to switch to ninja mode. From our LFI entry point,
   we acquired command execution via local file inclusion of enemy fleet
   Apache vessel. We then found that the HTTPD had SSH auth keys, which
   let our ship SSH into other servers. See where this is going?
   We then switched to root ammunition rounds.
   And we rooted... and rooted... and rooted...
   After mapping their internal network and thoroughly pillaging all of
   their servers, we grabbed all their source code and database passwords,
   which we proceeded to shift silently back to our storage deck.
   Please find enclosed everything we took, excluding one thing -
   200,000+ Brink users. We actually like this company and would
   like for them to speed up the production of Skyrim, so we'll
   give them one less thing to worry about. You're welcome! :D
   Please keep making awesome games, guys, and you should
   totally add an official LulzSec top hat to new releases.
   But anyway, bwahahaha... >:]

Yup.

Why don't they do something useful and hack Activision?Now that would be "lulz" leave a big message "Dis is dee Lulzboat and fuck you Bobby Kotick!" at least that would be some achievment.What the hell is the point of hacking Bethesda and Epic anyway?
They are just websites they aren't PSN.What did they expect?High level security on a gaming website?I thought these guys were suppose to be smart?

The one thing that scares me is that congress could extend the patriot act into the internet, allowing the government track our every movement.  
 
If lulzsec continues hacking sites like this, I'm afraid that an internet patriot act is inevitable. 

It cracks me up to think about grown men sitting behind their computers typing out things like "lulz" and "internets" with an inflated sense of self worth. What a fucking juxtaposition.

Just don't forget to wipe that Cheeto dust off your keyboard after all that epic winning.

Cheers to Lulzsec for continuing to show all the idiots of the world that they need to be more responsible for their personal security online. Same goes for their pron.com crack this weekend, where they grabbed tons of account information and plan to try to use that data to break into their facebook and twitter accounts to tell their friends and family about their pron.com subscriptions. Some day, people will learn not to use the same fucking account information and passwords at every site, not to give their personal information to every entity, and admins will learn to fucking employ some god damn security in their networks and servers and databases.

If someone breaks into your house, shame on them. If someone breaks into your house because you left every window and door open, don't have any lights on outside, have no security system, have flashy expensive shit viewable to the public on the street from your windows, and don't have a watchdog, then shame on you, too.

@dudacles said:

@Zaph said:

Alex, your candor is admirable, but you may want to lay off the vitriol and name calling in your reporting.

Like it or not, 'Lulzsec' aren't script kiddies but actual blackhats, so in the (very, very) unlikely event they turn their sites on Giant Bomb, do you really want to be the one responsible for the Top Men having to waste their time defending against such an attack?

I'm not saying we should all cower in the corner for fear of what they might do next, but at the same time, baiting isn't going to help matters.

Oh come on. There is nothing wrong with calling these people what they are: assholes.

Something tells me that GiantBomb and Whiskey Media have pretty pathetic security all around and as dickish and Lulzsec may seem, they may also just be the viral introduction necessary to cause the society immune system of users and administrators to get off their god damn asses and pay attention to real security measures and real security practices.

@ryanwho said:

Just like wikileaks!

Except, not at all.   People already pointed out how moronic your comparison was and yet you still don't seem to get it... whatever, it's "ryanwho" after all. Can't expect too much.

@CptBedlam said:

@ryanwho said:

Just like wikileaks!

Except, not at all.   People already pointed out how moronic your comparison was and yet you still don't seem to get it... whatever, it's "ryanwho" after all. Can't expect too much.

Yeah you and SN are a couple of jokers, I threw that in for you guys cus you're so serious about everything and I think its pretty funny how easily you flip out like a freak over nothing.  Wikileaks part 2 over here.

@Soap:

In 10 years, but we won't know for sure.

Wondering why is the FBI taking to long to put in jail this jerks?

@Tallica9000 said:

NOT BETHESDA!

Agreed, up until now it has been companies that I am neutral towards, but I'm actually fond of Bethesda.

@Branthog said:

Cheers to Lulzsec for continuing to show all the idiots of the world that they need to be more responsible for their personal security online. Same goes for their pron.com crack this weekend, where they grabbed tons of account information and plan to try to use that data to break into their facebook and twitter accounts to tell their friends and family about their pron.com subscriptions. Some day, people will learn not to use the same fucking account information and passwords at every site, not to give their personal information to every entity, and admins will learn to fucking employ some god damn security in their networks and servers and databases.

If someone breaks into your house, shame on them. If someone breaks into your house because you left every window and door open, don't have any lights on outside, have no security system, have flashy expensive shit viewable to the public on the street from your windows, and don't have a watchdog, then shame on you, too.

Your logic is incredible. Just because your house is able to be broken into, doesn't make it "ok" somehow. Leaving your windows open is perfectly legal and has practical purpose. Breaking into someones house and claiming it's their fault for opening some windows, I'd like to see that defense hold up. Stealing is wrong, we should expect a little more from humanity.

If our internet experience, the freedom to type in any url we like, is compromised in the future, it will be because of these idiots. By hacking sites for fun or to prove a point(however stupid their point may be) they are bringing us closer to china-internet. Good job.
 
@Agent47 said:

Why don't they do something useful and hack Activision?