Sign in with
Sign up | Sign in

Security News Roundup: EA's Origin Platform, Adobe Forum Supposedly Hacked; Skype Patched Too

By - Source: Microsoft | B 23 comments

It was a busy day for EA, Microsoft and Adobe.

Wednesday was an interesting day for several service providers on the Internet.

For starters, reports surfaced that EA Origin accounts were being hijacked, including one owned by Digital Foundry's Richard Leadbetter. Origin users were alerted to the attack by email, saying that their account's email address or password – or both – were successfully changed. Thing is, these users didn't change their info, indicating that their accounts had been compromised.

Eurogamer points to threads on NeoGAF detailing numerous complaints from EA Origin users. Many have also reported that they've been completely locked out of their account, and faced a reluctant EA support team. One GAF member even took a step further by tracking down the user who took over his account, discovering the hacker to be based out of Russia.

EA eventually released an official statement regarding the hacking claims, but didn't approach the topic at hand directly. "Anytime a player has a question about the security of his or her account or personal data, we take it very seriously and take all possible steps to help," the company said. "For any customer who cannot access their Origin account for any reason, we ask them to please contact Origin Help or EA's customer experience group at help.ea.com."

Meanwhile. Microsoft faced a security issue of its own through Skype on Wednesday. The company suspended Skype password resets to fix a flaw that allowed hackers to gain control of an account simply by using an email address. The company said the issue affected a small number of users who have multiple accounts registered to one email address.

"We suspended the password reset feature temporarily this morning as a precaution and have made updates to the password reset process today so that it is now working properly," the company said. "We are reaching out to a small number of users who may have been impacted to assist as necessary. Skype is committed to providing a safe and secure communications experience to our users and we apologize for the inconvenience."

While Microsoft was busy patching Skype, Adobe was busy shutting down Connectuser.com, a community forum site for Adobe Connect Web users. A hacker named "ViruS_HimA" claimed that he broke into one of Adobe's servers, and copied a database containing email addresses, password hashes and other info of more than 150,000 Adobe customers.

As proof, the hacker published a limited set of 644 records with email addresses ending in adobe.com, .mil and .gov.

"As soon as we became aware of the hacker's post, we launched our investigation, which (based on the information leaked by the hacker) led us to determine that the hacker appears to have compromised the Connectusers.com forum site," said Wiebke Lips, Adobe's senior manager of corporate communications, Wednesday via email to Computerworld.

"We are in the process of resetting the passwords of impacted Connectusers.com forum members and will reach out to those members with instructions on how to set up new passwords once the forum services are restored," Lips added.

It's just another day in the virtual wild west. Time to pull out a paperback book.

 

Contact Us for News Tips, Corrections and Feedback

Discuss
Display all 23 comments.
This thread is closed for comments
  • 1 Hide
    rangas , November 14, 2012 11:15 PM
    touche
  • -1 Hide
    kracker , November 14, 2012 11:24 PM
    F**k EA who cares. They probably deserved it.
  • 9 Hide
    StormOfRazors , November 14, 2012 11:32 PM
    Origin is a disaster in my opinion anyway, and I wouldn't be using it if it wasn't forced upon me for battlefield 3. It will be the last straw if some Russian hacks my account......
  • 1 Hide
    ibn gozzy , November 14, 2012 11:47 PM
    "It's just another day in the virtual wild west. Time to pull out a paperback book."

    Paperback book?!?!? What's that?
  • 9 Hide
    bigdragon , November 14, 2012 11:48 PM
    EA, seriously, again?! I have had more problems with my Origin account for 1 game over the course of 11 months than I've had for over 80 Steam games in 8 years. Unbelievable. EA needs to put its money into hiring security experts. I don't trust EA.
  • 2 Hide
    A Bad Day , November 15, 2012 1:15 AM
    Quote:
    Eurogamer points to threads on NeoGAF detailing numerous complaints from EA Origin users. Many have also reported that they've been completely locked out of their account, and faced a reluctant EA support team.


    Quote:
    we take it very seriously and take all possible steps to help


    When different parts of the company, Customer Service and Public Relations, lack coordination...
  • 1 Hide
    JamesSneed , November 15, 2012 1:35 AM
    Quote:
    EA, seriously, again?! I have had more problems with my Origin account for 1 game over the course of 11 months than I've had for over 80 Steam games in 8 years. Unbelievable. EA needs to put its money into hiring security experts. I don't trust EA.


    I disagree on the security experts part, instead of this half baked thing called Origin they need to stop the attempt at a money grab and use steam.

    Do agree with the rest.
  • 2 Hide
    kcorp2003 , November 15, 2012 3:10 AM
    this nonsense argument about which digital platform a publisher should use or not, needs to stop.
    I miss the old days.
  • 1 Hide
    unksol , November 15, 2012 3:21 AM
    No really.... Origin is crap and EA doesn't care? I am shocked. At least we have a choice and origin isn't forced on us. Oh wait.... It is
  • 1 Hide
    alidan , November 15, 2012 4:38 AM
    my account got hacked
    you cant contact ea without an account

    fantastic.

    seriously, any origin enabled game i will NEVER buy,
    goog bye sim city, seeing as how they can CHANGE THE USER NAME so you have no access to the account, its sickening.

    oh, and here is the kicker, you only get online chat. no email, no phone number. chat....

    i barely type 23 words a minute, and i suck at writing on the fly, fan (sanction avoinding word) tastic.
  • 0 Hide
    alidan , November 15, 2012 4:39 AM
    kcorp2003this nonsense argument about which digital platform a publisher should use or not, needs to stop. I miss the old days.


    oh yay, my account got hijacked, and without an EMAIL CONFIRMATION had my username changed.
    the most basic of basic security measures, and they couldn't even do that.
  • 0 Hide
    kcorp2003 , November 15, 2012 5:17 AM
    alidanoh yay, my account got hijacked, and without an EMAIL CONFIRMATION had my username changed. the most basic of basic security measures, and they couldn't even do that.


    yea that sucks man i know. security major myself i know how these things are done.
  • 0 Hide
    vrocker , November 15, 2012 5:25 AM
    My Origin account was also hijacked, thankfully i got it back relatively easy (i say relatively since it still took 3 hours)
    While i was looking into how to contact EA support, which is a challenge all by itself, i noticed some hijacked accounts had their date of birth changed! Why the hell is this even changeable? its not like i get reborn every few months...
    Problem is, you need your DOB and a CD key to restore the account. If the DOB is changed then you're screwed. Just requiring these 2 bits of information is bad too since the hijacker can get into your account by contacting EA support and giving them the same details, since origin shows your CD key and DOB ><

    EA really need to step up their security, they at least need a secondary email and a better way to contact support (yay for having to register again). This is why i
  • 2 Hide
    alidan , November 15, 2012 5:43 AM
    kcorp2003yea that sucks man i know. security major myself i know how these things are done.

    but i dont, and i cant even express how angry i am about this crap here, i have to censor every sentance i say because im adding in words that will get me sanctions.

    i mean i get it, crap gets hacked,
    but they changed my user name
    they changed the email
    they changed the password
    all without 1 confirmation.

    my steam account got hacked a while back too, but they never got through before i changed my password because they needed to get into my email too, to get to my 4 diget code you have to answer whenever steam is opened on a different browser or computer.

    most of my accounts have been hacked, or attempted to be hacked at one point in time or another, and they only got through once, and that was twitter that i dont use, just have because i thought it may have been usefull.

    i cant understand why, on an online platform that takes a credit card information, they have such lax security.

    i wanted sim city, i was going to put up with origin for it, but no, no no no no no no no no NO!

    i will never return to that platform again, and i just want my account back for piece of mind, and nothing more.
  • 3 Hide
    rantoc , November 15, 2012 7:10 AM
    The cloud is completely safe, stop worrying /end sarcasm
  • 0 Hide
    assasin32 , November 15, 2012 7:46 AM
    Origin, yup don't trust EA they have proven time and time again their incompetent and greedy. I'd rather just give Steam my money so far they have proven to be a far more ethical company.
  • 0 Hide
    Thomas Creel , November 15, 2012 8:25 AM
    Valve, buy ORIGIN. You must do it.

    For the children D:!
  • 0 Hide
    amk-aka-Phantom , November 15, 2012 9:49 AM
    krackerF**k EA who cares. They probably deserved it.


    The players did not though, and they're the ones suffering. So %^$@ you instead.

    Think of who's really affected here. It's not EA, they don't give a damn. It's the players who'd like to play ME3, BF3 and so on, and despite people hating on Origin (which is BS, at least the reasons they list: Origin has a big number of downsides compared to Steam - no regular sales, region locks etc. - but the USUAL reasons people list are just retarded... "OMG I HATE ORIGIN BECAUSE IT'S NOT STEAM") these are great games and no one should get away with stripping players who bought the games of access to them.

    I'd be very, VERY upset if my Origin account got taken away from me, 'cause even though I own just one game - Mass Effect 3 - I enjoy the hell out of it, Origin or not. I'm glad I'm not affected, though from what I'm reading here, there isn't really much I can do to further secure my account :( 
  • 0 Hide
    daygall , November 15, 2012 10:49 AM
    Honestly... I'll never use Origin because I already knew crap like this would happen.

    I bought the entire ME trilogy, grabbed 3 from elsewhere, because I refuse to use Origin. Not because it isn't steam, but because it isn't safe, it is an inferior service, I don't feel comfortable putting my information anywhere near it.

    So, good luck EA, and I wish the best to all of you that are affected, but this is another nail in the Origin coffin.
  • 0 Hide
    happyballz , November 15, 2012 1:17 PM
    Perfect example of why EA's Origian and Valve's Steam are not always a perfect solution. Anything server "cloud" based is always vulnurable.
    Have fun dealing with consiquences.
Display more comments