clock menu more-arrow no yes

Filed under:

Cryptic Studios warns of database hacking

New, 11 comments

Better change your passwords … again

star trek online
star trek online

Cryptic Studios – the developer behind Star Trek Online, City of Heroes and Champions Online – has sent out a notice to customers after discovering a breach of its security from 2010. In a statement released earlier today, Cryptic said that an unauthorized access occurred in December 2010, and this evidence has only come to light due to increased security analysis.

The studio behind Star Trek Online, City of Heroes and Champions Online has sent out a notice to customers after discovering a breach of its security from 2010.

In a statement released earlier today, Cryptic Studios said that an unauthorized access occurred in December 2010, and this evidence has only come to light due to increased security analysis.

The studio says that the intruder gained access to user account names, handles, and encrypted passwords.

"Even though the passwords were encrypted, it is apparent that the intruder has been able to crack some portion of the passwords in this database," Cryptic Studios said in its statement.

"All accounts that we believe were present in the database have had the passwords reset, and customers registered to these accounts have been notified via e-mail of this incident."

Cryptic Studios says there is currently no evidence that the intruder took any other information, although they are not ruling out the possibility of additional account information being taken.

"If they did so," the statement continues, "the first and last name, e-mail address, date of birth (if provided to Cryptic Studios), billing address, and the first six digits and the last four digits of credit cards registered on the site may have been accessed."

"All accounts that we believe were present in the database have had the passwords reset."

Cryptic emphasized that at this point, there is no evidence that information beyond account names, handles, and encrypted passwords have been accessed.

"We have conducted an in-depth investigation into the source and extent of the intrusion and have taken immediate action as a result, including resetting the passwords of the affected accounts and notifying those customers via email," a Cryptic Studios spokesperson said.

"We sincerely regret that this invasion has occurred. Our customers' privacy is our top priority and we are continuously increasing security measures to protect their information."

The studio urges customers to change their passwords and be vigilant about email and postal scams.

It is unclear what impact the resetting of passwords will have two years after the database compromise. It is currently unknown whether the intruder has already used any of the accessed user information for harm.

Cryptic Studios is continuing its investigation. We've reached out for comment and will update this story when we hear back.