Funcom Forums Hacked
-
Category: News ArchiveHits: 1919
The folks at Funcom have just sent a round of e-mails to users of their games to inform them that the forums for any of their games (The Secret World, Age of Conan, Anarchy Online and Longest Journey) have been hacked. This means that passwords, user names and e-mail addresses associated with accounts registered on those forums might have been compromised.
While the data concerning forum accounts is unlikely to be particularly sensitive in and of itself, passwords associated to them might have been used for other, more important accounts, which makes this PSA very important indeed.
Here's an excerpt from the letter with more details:
On August 24th, 2016, we discovered that user data associated with forum accounts on TheSecretWorld.com, AgeofConan.com, Anarchy-Online.com and LongestJourney.com have been compromised by a third party.
We regret to inform you that the data breach includes e-mail addresses, user names, and encrypted passwords associated with forum accounts on these forums. Even though passwords were encrypted, these can be cracked and should be considered compromised. It is important to note that forum accounts and game accounts are separate and are stored on different servers using different security systems. Game accounts have not been compromised.
The breach was possible due to a security fault in the vBulletin forum system. This security fault was corrected on our forums on August 19th, 2016, but we are unable to determine exactly when the data breach occurred prior to the fix.
As a temporary security measure, we have reset all passwords for every forum account on TheSecretWorld.com, AgeofConan.com, Anarchy-Online.com and LongestJourney.com. The next time you try to log in you will be told your password is incorrect and you will have to reset your password to continue. If you have used your old forum account password on your Funcom game account or any non-Funcom accounts, you should also change your password on those immediately.
As an aside, I highly recommend using unique passwords, no matter how uninmportant an account is. It is undoubtedly a hassle, considering how much we rely on various web services these days, but it's well worth it.
Thanks, NeoGAF.