Sign in with
Sign up | Sign in

BioWare Hacked via Neverwinter Nights Forums

By - Source: BioWare | B 26 comments

BioWare is the latest in a long string of DDoS and hacks against the gaming industry.

Wednesday evening BioWare said in a blog that on Tuesday a hacker gained unauthorized access to the decade-old BioWare community server system associated with the Neverwinter Nights forums. The developer reportedly took immediate action after learning of the breach by protecting user data, and then launched an ongoing evaluation to determine the extent of the hackers' infiltration.

"We have determined that no credit card data was compromised, nor did we ever have or store sensitive data like social security numbers," said studio general manager Aaryn Flynn. "However hackers may have obtained information such as user account names and passwords, email addresses, and birth dates of approximately 18,000 accounts--a very small percentage of total users.  We have emailed those whose accounts may have been compromised and either disabled their accounts or reset their EA Account passwords."

Flynn said that if users do not receive an email from BioWare, of if the password still works on the EA account, then chances are the hackers didn't retrieve their information. Naturally Flynn suggests that users should change passwords regularly; they also shouldn't use a universal password for all websites and accounts.

A FAQ provided by BioWare and EA states that the server system associated with the Neverwinter Nights forums was the target of a highly sophisticated and unlawful cyber attack. So far this was the only server system known to have been affected by the unauthorized attack. Once BioWare discovered the attack and locked down the server system associated with Bioware Edmonton’s Neverwinter Nights forums, the developer disabled all legacy BioWare accounts that were affected, and reset the passwords of any EA Accounts that were affected.

"We take the security of your information very seriously and regret any inconvenience this may have caused you," Flynn said. "We advise all of our fans to always be aware of any suspicious emails or account activity and report any suspicious emails and account activity to Customer Support at 1-866-543-5435."

BioWare is just the latest in a growing list of gaming and government websites that have received a DDoS cannon and/or directly hacked. The onslaught seemingly initiated with an assault on the PlayStation Network that brought it to a screeching halt. Epic Games, Bethesda, EVE Online and the CIA are just a few that have suffered the wrath of hacker group LulzSec just in the last week. Currently it's unknown if LulzSec is behind the BioWare attack, so stay tuned.

Display 26 Comments.
This thread is closed for comments
Top Comments
  • 19 Hide
    LATTEH , June 17, 2011 12:04 AM
    whysobluepandabearCan we please put an end to prioritizing this as news? This happens thousands of times per day and It's not news. I hate when fads go through media outlets.


    i like reading news like this
Other Comments
  • -2 Hide
    whysobluepandabear , June 17, 2011 12:01 AM
    Can we please put an end to prioritizing this as news? This happens thousands of times per day and It's not news.


    I hate when fads go through media outlets.
  • 19 Hide
    LATTEH , June 17, 2011 12:04 AM
    whysobluepandabearCan we please put an end to prioritizing this as news? This happens thousands of times per day and It's not news. I hate when fads go through media outlets.


    i like reading news like this
  • 4 Hide
    elgranchuchu , June 17, 2011 12:15 AM
    this people don't have a life, all their knowledge and talent put in the garbage
  • 7 Hide
    Geef , June 17, 2011 12:50 AM
    I'd suggest just making a small part of the site called "sites that got hacked today" and then people can click on it and check it if/when they want to.
  • 3 Hide
    tommysch , June 17, 2011 2:16 AM
    A media blackout on those hacks would be very beneficial to protect us all from the legislative branch of the govt. I dont want to have to setup a darknet node in a near future.

    Thank you.
  • 0 Hide
    utengineer , June 17, 2011 3:42 AM
    Ha...these hackers continue to HIDE behind their keyboards. Eventually it will catch up to them, and someone like me will bust their lip with THEIR keyboard. I am really getting tired of these hackers. I bet certain governments will to, and figure out how to GET THEM.
  • 3 Hide
    buzznut , June 17, 2011 3:53 AM
    ok now game developers? This is really sad, and idiotic. Bioware is a great company and they make awesome games because they care about their customers. Truly this is stupid defined.
  • 0 Hide
    clonazepam , June 17, 2011 4:21 AM
    maybe someone's pissed that EA's leading BioWare into the depths of Hell, waving its wallet in front of them =/
  • 1 Hide
    jalek , June 17, 2011 4:43 AM
    There are several security sites that report this stuff every day, they also list known vulnerabilities so companies like Sony can decide if they believe potential problems exist or if they just need another legal team.
  • -2 Hide
    Pyroflea , June 17, 2011 5:23 AM
    buzznutok now game developers? This is really sad, and idiotic. Bioware is a great company and they make awesome games because they care about their customers. Truly this is stupid defined.


    They obviously didn't know about the vulnerability, or they would have fixed it. You clearly have zero knowledge of computer security. It's impossible to 100% secure a machine, period. There will all be exploits and vulnerabilities.
  • 5 Hide
    kingnoobe , June 17, 2011 5:45 AM
    If you don't like the articles it simply don't read something that says a certain site got hacked.. It's not hard..

    And sure you will uten.. Give me a break.. I don't like these guys doing this either as it does nothing but make all hackers look bad.

    (Puts tinfoil hat on) This simply could be part of a government conspiracy, so they can get tougher laws passed. (Removes tinfoil hat).. But honestly I just think it's a bunch of trolls that get off frustrating people.
  • 2 Hide
    guardianangel42 , June 17, 2011 6:01 AM
    fractureTrue, all this is doing is helping the cyber security act to go through. Although it is pretty suspicious that this cyber security act came out before all this hacking news.


    It would be significantly more supsicious if it came out after. As is the timing is coincidental; it could have been convenient.
  • 1 Hide
    False_Dmitry_II , June 17, 2011 8:23 AM
    What cyber security act? Only thing google tells me seems to be from 2009, which is way before any of this stuff.
  • 0 Hide
    whysobluepandabear , June 17, 2011 9:13 AM
    fractureTrue, all this is doing is helping the cyber security act to go through. Although it is pretty suspicious that this cyber security act came out before all this hacking news.

    This is just flavor of the month news. They bring this stuff up in congress and the media outlets see an opportunity to ride this subject and milk it for profits and ratings.

    Pretty soon we'll be having coverage of how teenage masturbation causes violence and is the reason people go on shooting sprees. Fox News will of course condemn the act or mere thought of doing such things to ones self, while MSNBC will argue and logically point out that It's completely irrelevant and unrelated. CNN meanwhile will pretend they don't pick sides and are bipartisan, but we really know they'll make hints and euphemisms.
  • 2 Hide
    tommysch , June 17, 2011 11:33 AM
    PyrofleaThey obviously didn't know about the vulnerability, or they would have fixed it. You clearly have zero knowledge of computer security. It's impossible to 100% secure a machine, period. There will all be exploits and vulnerabilities.


    Those are noy 0day sploits... they use KNOWN vulnerabilities in UNPATCHED front end servers. Most likely a sql injection script with a vulnerability scanner to find targets.

    Incompetence is the problem. If they can do it the Chinese are doing it silently at this very moment.
  • -1 Hide
    kelemvor4 , June 17, 2011 1:19 PM
    PyrofleaThey obviously didn't know about the vulnerability, or they would have fixed it. You clearly have zero knowledge of computer security. It's impossible to 100% secure a machine, period. There will all be exploits and vulnerabilities.


    Why is that obvious? From information on security sites about lulzsec they aren't writing hacks, just exploiting OLD vulnerabilities with a prefab hack kit. Doesn't really require any technical knowledge at all. So far, just about every site hacked in recent news was hacked because they were way out of date on security updates. Do you have inside information that this is something other than more of the same?

    This is not the result of a grand hack, it's the result of a code kiddie hitting a server that the owner was negligent in maintaining.
  • 2 Hide
    steelbox , June 17, 2011 2:47 PM
    "So far this was the only server system known to have been affected by the unauthorized attack."

    When where there authorized attacks?
  • 0 Hide
    velocityg4 , June 17, 2011 3:27 PM
    I was hoping they managed to destroy all work related to The Old Republic. For not making a KOTOR 3.
  • 2 Hide
    sliem , June 17, 2011 4:28 PM
    geefI'd suggest just making a small part of the site called "sites that got hacked today" and then people can click on it and check it if/when they want to.


    Also section called "The world according to Steve Jobs" for all Apple-related news.
  • -1 Hide
    gm0n3y , June 17, 2011 4:47 PM
    tommyschA media blackout on those hacks would be very beneficial to protect us all from the legislative branch of the govt. I dont want to have to setup a darknet node in a near future.Thank you.

    Agreed, I would rather have my personal info stolen repeatedly than give up yet more freedoms to the government.
Display more comments