Today I recieved an email from Codemasters (not a phising scam), and they say that usernames, passwords, adresses were stolen.
Here is the content of the email :
Important information regarding your account
Dear valued Codemasters customer,
On Friday 3rd June, unauthorised entry was gained to our Codemasters.com website. As soon as the intrusion was detected, we immediately took codemasters.com and associated web services offline in order to prevent any further intrusion.
During the days since the attack we have conducted a thorough investigation in order to ascertain the extent and scope of the breach and have regrettably discovered that the intruder was able to gain access to the following:
Codemasters.com website
Access to the Codemasters corporate website and sub-domains.
DiRT 3 VIP code redemption page
Access to the DiRT 3 VIP code redemption page.
The Codemasters EStore
We believe the following have been compromised: Customer names and addresses, email addresses, telephone numbers, encrypted passwords and order history. Please note that no personal payment information was stored with Codemasters as we use external payment providers, meaning your payment details were not at risk from this intrusion.
Codemasters CodeM database
Members' names, usernames, screen names, email addresses, date of birth, encrypted passwords, newsletter preferences, any biographies entered by users, details of last site activity, IP addresses and Xbox Live Gamertags are all believed to have been compromised.
Whilst we do not have confirmation that any of this data was actually downloaded onto an external device, we have to assume that, as access was gained, all of these details were compromised and/or stolen.
The Codemasters.com website will remain offline for the foreseeable future with all Codemasters.com traffic re-directed to the Codemasters Facebook page instead. A new website will launch later in the year.
Advice
For your security, in the first instance we advise you to change any passwords you have associated with other Codemasters accounts. If you use the same login information for other sites, you should change that information too. Furthermore, be extra cautious of potential scams, via email, phone, or post that ask you for personal or sensitive information. Please note that Codemasters will never ask you for any payment data such as credit card numbers or bank account details, nor will Codemasters ask you for passwords or other personal identifying data. Be aware too of fraudulent emails that may outwardly appear to be from Codemasters with links inviting you to visit websites. The safest way to visit your favourite websites is always by typing in the address manually into the address bar of your browser.
Unfortunately, Codemasters is the latest victim in on-going targeted attacks against numerous game companies. We assure you that we are doing everything within our legal means to track down the perpetrators and take action to the full extent of the law.
We apologise for this incident and regret any inconvenience caused.
We are contacting all customers who may have been affected directly.
Should you have any concerns or wish to speak to a member of our Customer Services team, please email them at custservice@codemasters.com.
.. Turns out they are not masters of code after all...
Codemasters
Company »
UK-based development studio behind the popular Colin McRae Rally and Micro Machines franchises. In late 2020, they were acquired by Electronic Arts.
Codemasters.com has been hacked.. They have joined the Sony-club
It's okay that companies get hacked, it's what happens, but FFS let people know as soon as possible.
This is getting out of hand. I bet anything there will still be pricks defending hackers as if they are on some righteous crusade against injustice.
String em all up. I hope the game company's get together and create a task force of investigators to find all these nerds and bring then to justice.
I think this shows that more companies need to upgrade their sercurity protocols not just sony because these hackers are getting bold now.
This is getting out of hand. I bet anything there will still be pricks defending hackers as if they are on some righteous crusade against injustice. String em all up. I hope the game company's get together and create a task force of investigators to find all these nerds and bring then to justice.So you hope a bunch of private companies get together and buy a secret police force to go after people?
@phantomzxro said:
I think this shows that more companies need to upgrade their sercurity protocols not just sony because these hackers are getting bold now.
I agree with the first part of what you said but it's not because the hackers are getting bold. At some point companies decided web security was a waste of money and now they're paying for that decision.
I got this email; I can't even remember when I signed up or what for. I have no idea which password I even used.I had this thought at first and I'm still not sure which password I was operating under but I think it may have been for Lord of the Rings Online, could yours have been for the same thing? At any rate this hacking is getting ridiculous.
@Atramentous said:Paranoid much? No, not secret and not a police force. Investigators are not police.This is getting out of hand. I bet anything there will still be pricks defending hackers as if they are on some righteous crusade against injustice. String em all up. I hope the game company's get together and create a task force of investigators to find all these nerds and bring then to justice.So you hope a bunch of private companies get together and buy a secret police force to go after people?
@Atramentous said:This is getting out of hand. I bet anything there will still be pricks defending hackers as if they are on some righteous crusade against injustice. String em all up. I hope the game company's get together and create a task force of investigators to find all these nerds and bring then to justice.So you hope a bunch of private companies get together and buy a secret police force to go after people?
@phantomzxro said:I think this shows that more companies need to upgrade their sercurity protocols not just sony because these hackers are getting bold now.I agree with the first part of what you said but it's not because the hackers are getting bold. At some point companies decided web security was a waste of money and now they're paying for that decision.
I agree with you but i feel that is the reason they are getting bold. It's like blood in the water to a shark, these hackers know these companies have weak points and are attacking now. Maybe bold was the wrong choice of words but companies need to step it up because hacker sure are.
The only cool hacker was and only ever will be John Connor.
John Connor didn't need to do anything "for the lulz", he just did it because he's John Connor.
And correct me if I'm wrong, but Codemasters are not Skynet. So hackers, fuck off. Your attacks are becoming kinda old hat and retarded.
@jkuc316Tell that to the dude who made the terms: White Hat, Gray Hat, Black Hat, n00b, Script Kiddie, etc...Nothing is wrong with hackers in general. It's the morality and idea of "fun" for the hackers, it is shitty how so many talented hackers are "black hat." What we all really need are more talented "white hats."You sir are a hat racist.
Just goes to show that this can, and will happen to anybody. No matter what. It's not just something that happens to Sony. It's not because Sony is reckless, and didn't have things as secure as it should have been. No, this can happen to any, and everybody. Sure, one company/website/console might be a little more difficult to hack then another, but it will happen eventually if someone is determined enough. That's all it takes. A determined hacker(s).
Ok hackers, you are not internet heroes. Please go outside and enjoy the sun now.
Signed,
The rest of the world
@blueduck said:
At some point companies decided web security was a waste of money and now they're paying for that decision.
Having companies pay extra money for extra protection isn't the answer to all this nonsense though. Sure banks spend tons of money for extra protection of their clients money. But does the pizza shop down the road that has 100 some credit card numbers on file have to do that? The hackers need to be stopped. Someone's attacking you, don't just build a wall and ignore it. Go kick their ass.
@phish09 said:
I don't see how that's the same thing at all. The "sony club", as you put it, had my credit card information and Codemasters did not.
Not really sure what point you are trying to make. Are you saying that the Sony situation is worse simply because credit card info may, or may not have been stolen? I beg to differ. In fact, credit card info is the lesser of the stolen information because they are so easy to cancel, and invalidate. After the Sony situation, it took me about 30 seconds to call my bank, cancel my card, and get a new one sent to me. Problem solved. My credit card info being maliciously used is no longer a possibility.
The personal info, however, is much more of a threat. Especially if people's "recovery" questions were taken. All that stuff can be used to scam people, used for information gathering, identity theft, etc. Over the course of years I'll have to be on high alert, simply because they got my personal info, NOT because they got my credit card info. Credit card info being stolen is pretty insignificant. For example, I'm willing to bet nothing will come of the credit card info supposedly being stolen from PSN, because we would have heard about it by now. At this point smart people have already cancelled their credit cards, and gotten new ones. The people that haven't deserve what they get. Needless to say, it should be an issue anymore.
So yeah. This definitely is the same as the PSN hack. This, and the Edios/Dues Ex thing all falls into the same bucket. It's all just as bad, and it's all the hackers fault. Not the companies. The hackers are the ones that need to be stopped, held accountable, and punished. Something has to be done about them.
After viewing a lot of your posts on this subject, I know you are determine to blame Sony, and go on about how they deserve to be lynched, can never be trusted again, blah, blah, blah... Fact of the matter is, that attitude is completely unfair. It was refreshing to see Michael Pachter and the Giantbomb crew podcast about how the only thing Sony did wrong was how they handled communication, and that the actual hacking wasn't their fault. At least there are some reasonable people out there...
@phantomzxro: Knowing nothing about computers, I always wonder if no matter how good a company's security whether someone out there, if they care enough, can always get through.
that is very true but i feel cyber security is something that should be upgraded quite often its like changing the mix of bug spray so bugs don't get immune to it. You have to always be ready to upgrade or switch out passwords when doing cyber security. I know it hard and to a company who has never been hacked before it hard to pitch the money cost to a CEO or head when the so called old system works just fine.
Please Log In to post.
This edit will also create new pages on Giant Bomb for:
Beware, you are proposing to add brand new pages to the wiki along with your edits. Make sure this is what you intended. This will likely increase the time it takes for your changes to go live.Comment and Save
Until you earn 1000 points all your submissions need to be vetted by other Giant Bomb users. This process takes no more than a few hours and we'll send you an email once approved.
Log in to comment