If you've played one of Cryptic Studios' MMORPGs over the last two years, chances are you're currently receiving a warning about a user database breach via email.
In the warning, Cryptic states that, as a result of routine security checks and upgrades, the company has discovered that certain account information, including passwords, may have been accessed by an unauthorized party. Given that we live in a post-Sony Apocalypse world, the news really isn't all that surprising. But what is surprising is that the breach happened back in December 2010, and Cryptic is just now figuring it out more than a year later.
Cryptic is the studio behind City of Heroes, Champions Online, Star Trek Online, and the upcoming Neverwinter MMOG.
"The unauthorized access included user account names, handles, and encrypted passwords for those accounts," the studio said on Wednesday. "Even though the passwords were encrypted, it is apparent that the intruder has been able to crack some portion of the passwords in this database. All accounts that we believe were present in the database have had the passwords reset, and customers registered to these accounts have been notified via e-mail of this incident."
So far there's no evidence that any other information has been swiped by the intruder, but it's possible that additional info was obtained. "If they did so, the first and last name, e-mail address, date of birth (if provided to Cryptic Studios), billing address, and the first six digits and the last four digits of credit cards registered on the site may have been accessed," Cryptic said. "We have no evidence at this time that any data other than the account name, handle, and encrypted password were accessed for any user."
Let's just hope they don't figure it out in another sixteen months. Currently the investigation into the breach is still ongoing, and the studio says it's taking even further action to strengthen its systems, and to redouble its security vigilance and protections. In the meantime, Cryptic customers should be on the lookout for email and postal mail scams that ask for personal, sensitive information. Naturally Cryptic won't ask for any of this.
"While we have no evidence of unauthorized use of personal information as a result of this incident, to protect against any possible identity theft, we encourage you to remain vigilant, to review your account statements and to monitor your credit reports," the studio said. "Further information regarding the prevention of identity theft can be found at the Federal Trade Commission’s website here."
News like this is making board games look better and better every day.