Cryptic Studios has announced that one of its user databases was hacked 16 months ago.
Cryptic Studios, the publisher of MMOs including Star Trek Online and Champions Online, announced yesterday that it had "recently detected evidence of an unauthorized access to one of our user databases." Not good news, but nothing all that super-terribly unusual in this post-PSN-hack world we live in either. But this attack wasn't actually post-PSN at all: it happened in December 2010.
We're only hearing about it now because Cryptic just stumbled upon evidence of the intrusion due to recent "increased security analysis." The good news is that the passwords in the breached database were encrypted; the bad news is that whoever broke into the system was also apparently able to crack the encryption on at least some of the passwords. And while the company says that it currently has no evidence that other information in the database was compromised, it acknowledged that the intruder may have also gained access to data including first and last name, email address, date of birth, billing address and the first six digits and last four digits of credit cards registered to the site.
The investigation into the hack is ongoing and Cryptic issued the usual warning to its users to be extra-wary of scams seeking personal or credit card information. It also strongly urged people who use the same password across multiple services to change them up, and took it upon itself to reset Star Trek Online and Champions Online passwords as a precaution. Cryptic passwords can be recovered using the standard "forgot password" option.
Details about the breach and how to contact customer service with questions can be found at crypticstudios.com.