Cryptic tell me via email today that my password and some user credentials might have been compromised.
“The unauthorized access included user account names, handles, and encrypted passwords for those accounts. Even though the passwords were encrypted, it is apparent that the intruder has been able to crack some portion of the passwords in this database.
All accounts that we believe were present in the database have had the passwords reset, and customers registered to these accounts have been notified via e-mail of this incident.”
I want details, more detail than they supplied. It is a huge concern when the gaming market is going for micro-transactions, and those accounts can store credit cards, especially for inactive games. This event apparently only directly relates to Star Trek Online and Champions Online, but any breach is serious.
Cryptic are doing the right thing by owning up to it, and making channels available to the community affected. They’re doing the minimum right thing. But sheesh Cryptic – how many times has this happened to game companies in the past, and why is it so ungodly difficult to establish a secure database system?
My personal information is not something that gets exposed without some degree of detail being given, and is certainly the type of screw-up that makes me reconsider that company in the future. There is a reason that I dislike and distrust Sony, Microsoft, and the few other companies that have screwed the pooch in the past. FFS.
I don’t know if I can even be bothered resetting a password for a game I do not ever play anymore, and it is certainly time that I will never get back.