Cryptic Studios – the developer behind Star Trek Online, City of Heroes and Champions Online – has sent out a notice to customers after discovering a breach of its security from 2010. In a statement released earlier today, Cryptic said that an unauthorized access occurred in December 2010, and this evidence has only come to light due to increased security analysis.
The studio behind Star Trek Online, City of Heroes and Champions Online has sent out a notice to customers after discovering a breach of its security from 2010.
In a statement released earlier today, Cryptic Studios said that an unauthorized access occurred in December 2010, and this evidence has only come to light due to increased security analysis.
The studio says that the intruder gained access to user account names, handles, and encrypted passwords.
"Even though the passwords were encrypted, it is apparent that the intruder has been able to crack some portion of the passwords in this database," Cryptic Studios said in its statement.
"All accounts that we believe were present in the database have had the passwords reset, and customers registered to these accounts have been notified via e-mail of this incident."
Cryptic Studios says there is currently no evidence that the intruder took any other information, although they are not ruling out the possibility of additional account information being taken.
"If they did so," the statement continues, "the first and last name, e-mail address, date of birth (if provided to Cryptic Studios), billing address, and the first six digits and the last four digits of credit cards registered on the site may have been accessed."
"All accounts that we believe were present in the database have had the passwords reset."
Cryptic emphasized that at this point, there is no evidence that information beyond account names, handles, and encrypted passwords have been accessed.
"We have conducted an in-depth investigation into the source and extent of the intrusion and have taken immediate action as a result, including resetting the passwords of the affected accounts and notifying those customers via email," a Cryptic Studios spokesperson said.
"We sincerely regret that this invasion has occurred. Our customers' privacy is our top priority and we are continuously increasing security measures to protect their information."
The studio urges customers to change their passwords and be vigilant about email and postal scams.
It is unclear what impact the resetting of passwords will have two years after the database compromise. It is currently unknown whether the intruder has already used any of the accessed user information for harm.
Cryptic Studios is continuing its investigation. We've reached out for comment and will update this story when we hear back.
- Police: San Diego Comic-Con cosplayer wasn't assaulted, she fell
- What does it really cost to open an indie studio? All your money, most of your life
- Divinity: Original Sin review: next to godliness
- The front lines: How a beta makes a game better
- Pinky and the Brain return, and it's incredibly unsafe for work
- How to destroy your enemies as the Monster in Evolve
- Xibalba is a free hit of FPS nostalgia
- How well does PlayStation Now work on PS4?
- If you're still having trouble with Xbox Live, you're not alone
- Ultima Forever comes to an end months after closure of EA Mythic