Hackers Compromise Up To 1.8 Million Square Enix Accounts

Hackers Compromise Up To 1.8 Million Square Enix Accounts

image

The good news? Square Enix Members users' login and credit card info is probably safe. The bad news? Their names, phone numbers, and email addresses may have been stolen by hackers.

Two days ago, Square Enix revealed that it had been victim of what may have been a fairly substantial data theft. The company publicly admitted that it had detected some "unauthorized access" on its Square Enix Members servers and subsequently shut everything down while it conducted an internal investigation. Exactly what information, if any, had been taken wasn't clear. Now the damage has been assessed and it's not pretty: According to a company spokesperson, the information for up to 1.8 million accounts may have been stolen.

Exactly how many servers were breached hasn't been determined. That said, it was determined that the hackers hit servers in Japan and North America (which hold data of one million and 800,000 customers, respectively). The servers in Europe, which have the personal information for 300,000 members, weren't hit.

Though it's suspected that the compromised information includes things like customer names, phone numbers and e-mails, the publisher is claiming that login information wasn't accessed. Nor, Square Enix maintains, was any credit card info.

Square Enix, following these discoveries, has updated the message on its Square Enix Members website:

As a result of our continuing investigation into the unauthorized intrusion reported yesterday, Square Enix has now determined that user login credentials were not accessed. Moreover, we have not found evidence that the individual was able to access any personal information at all.

We will be sending an email to all Square Enix Members advising that an incident took place. This email will not be requesting any action from you.

We have reported this incident to the Japanese Government.

Because we have decided to conduct a broader internal investigation, it will take a few more days before we make the Square Enix Members service available once again. We deeply regret the inconvenience this may have caused our customers and fans, and appreciate your patience.

While members of the service can't be happy that some of their personal information is possibly in the hands of hackers, the situation could be a lot worse. Since, at the moment, Square Enix can't fully confirm or deny what (if any) info the hackers were able to make off with, users are still left wondering just how worried they should be about their online security. Hopefully Square Enix can confirm within the next few days that nothing was actually extracted from the servers.

This is the second time that Square Enix has been hacked this year: Back in May, hackers broke into Eidosmontreal.com and stole several hundred résumés and thousands of email addresses on file.

Source: Square Enix via Develop

Permalink

Yeah, I'm not seeing anything where they've come out and said they know information was stolen. In fact the posted statement says that there's no evidence they managed to grab a damn thing from the servers. Not to mention your source from Develop says 1.8 million accounts may have been compromised.

Square Enix has now determined that user login credentials were not accessed. Moreover, we have not found evidence that the individual was able to access any personal information at all.

Everything is speculation at this point, from the info you've provided that is. I see no reason to jump the gun and start telling people all their info has been stolen.

*sigh*

This never gets old. At least a place got hit that I'm not a member of for once.

In all seriousness... Square Enix? Square Enix? Really?

I...seriously, again?
It's getting to the point where this barely even registers as news anymore.

Can't the bastards just stop this now?
What do they even get out of this? What can you really do with 1.8 million names and email addresses? Vaguely annoy them? Spam them? Sign them up for free memberships? Urgh.

Mestraal:
I...seriously, again?
It's getting to the point where this barely even registers as news anymore.

Can't the bastards just stop this now?
What do they even get out of this? What can you really do with 1.8 million names and email addresses? Vaguely annoy them? Spam them? Sign them up for free memberships? Urgh.

Spamming is a pretty big business, so don't be surprised if there're pecuniary motivations behind these hackings.

This is boring now, wish they'd just give it a rest.

Billions of dollars is spent on online security and some 12 year old kid/40 year old virgin is in his mom's basement hacking everyone's shit.

I've got an awesome business plan. I'll create a website where everyone can put all their private info public for everyone to see, and with the money companies save bothering with online securty, they can give to me. It'll be far more convenent for everyone and possibly safer.

It's as I say, even though there seems to be nothing compromised here, you shouldn't put your private information online.

I don't have an account on square enix but I do have my credit card on file for Xbox Live. I don't need them hacking it (They won't) and having to get ANOTHER credit card.

The kinds of Hackers have gone from being evil to just being Mean.

I got this email today

I haven't used my square enix account in forever so I don't have worry about my credit card because I never bought anything.

I said this last time and I will say it again. Unauthorized access does NOT equal hacking. Even the term unauthorized access implies its NOT hacking but rather cracked login credentials

Here, this is the best analogy I can come up with so hopefully we dont continue to proliferate abuse of the word.

In just about every action movie youve ever seen there will come a time when the protagonist will encounter a security impasse. When the protagonist chooses to knock out a nearby security guard and use their credentials, or break into the VPs unlocked office in order to find the credentials or any other means of obtaining existing credentials... its called cracking, as in code cracking.

In that same situation when you see the protagonist rip off a near by panel and start rewiring or reprogramming the doors computer to allow access without any credentials at all THATS hacking.

See Im sorry, but its a very important distinction because when you use blanketed terms to mean something more distinct and isolated your helping to villainize people who had nothing to do with what they have been accused of. Creating a public perception that conveys to the general uninformed public that all people with advanced computer skills must be evil hackers, and what happens when you have someone with that impression in their head who just happens to be a congressman who admittedly is not a "high tech guy" who is preaching why it is his responsibility to pass SOPA legislation?

The pen is mightier than the sword. Please be careful to not cut down entire swaths of people when you start swinging your 10lb claymore.

EDIT: Another quick example. Its not hacking. Hackers would have bypassed the login process all together, and copied the entire database for browsing at their discretion. Quite frankly a hacker would not even leave a trace of their existence for SE to see a log of unauthorized entry.

Yet we can see what happens when you use the wrong term, you have how many people in this thread alone that their posts boil down to "hackers R bad"

The Pinray:
*sigh*

This never gets old. At least a place got hit that I'm not a member of for once.

In all seriousness... Square Enix? Square Enix? Really?

I know, right? I think the people that do this just have a dart board with a bunch of different companies and wherever the dart lands, that's who they hit.

 

Reply to Thread

Posting on this forum is disabled.