The consequences of not listening to your customers, Atari!

Well, well, well. Cryptic Studios, creators of the Star Trek Online MMO, were hacked in December 2010.

They released a statement saying that they’ve only just discovered it due to “increased security analysis”. You can read it here, if you wish: http://www.crypticstudios.com/securitynotice

Let me save you the jump, and give you the very first paragraph:

At Cryptic Studios, your privacy and security is important. As part of our ongoing efforts to monitor and enhance security, we recently detected evidence of an unauthorized access to one of our user databases. The unauthorized access occurred in December 2010, and evidence of this has just been uncovered due to increased security analysis.

I’ve emphasised the bit in bold, fair reader, because it is, pardon my French, a big leaky bucket of shite.

Evidence of this was uncovered by Cryptic’s customers back in February 2011, and Cryptic were informed about it. I know this because I was one of those vigilant customers who wrote a concerned email.

Here’s what happened. I received some spam to a unique address that had only been used to register for Star Trek Online beta access. I mentioned this on Twitter, and a chap called Bryan got in touch saying the same thing had happened to him. He had emailed Atari (owners of Cryptic), and he copied me in on the next email to them, to which I replied expressing my concerns.

Atari, having dismissed Bryan’s situation as random spam and generated phishing, never bothered getting back to us. I’ve included a screen grab of the mail chain below, with Bryan’s surname and email address removed for his privacy. Start from the bottom and work your way up.

[Image: screen grab of the mail chain (20120426-214539.jpg)]

So here we are, A YEAR AND 4 MONTHS later, and Atari have issued a Mea Culpa. Let this be a warning to any business who holds customer details on a network.

Your customers aren’t just your payday – when we raise concerns over the security of our information, and present you with something tangible, you bloody well check it out no matter how secure you think your “precautions” are!

2 comments

  1. Bryan says:

    This is the Bryan from the emails. There are a few ways to do what we talked about here. If you're interested in an easy way, check out http://www.spamex.com. Services start at 10 bucks a year, but they have a nice web app to manage all the addresses and turn them off or add whitelists/blacklists to each address. If you want a custom domain there's a one-time charge, but I think it's worth it.

  2. Daniel Gerber says:

    Just learned something the create a new email address. Good idea. Well, that’s my one thing for the day.