HAHA! Sucks to be an online gaming company atm ....

CCP (EVE Online)

reported by CCP Manifest | 2011.06.14 23:08:26


A message from our COO.

At 17:00 UTC today, CCP became aware of a distributed denial-of-service attack (DDoS) against the EVE Online cluster and web servers.

Our policy in such cases is to mobilize a taskforce of internal and external experts to evaluate the situation. At 17:55 UTC, that group concluded that our best course of action was to go completely offline while an exhaustive scan of our entire infrastructure was executed.

While some may feel that such a drastic reaction was not warranted, it is always our approach to err on the side of caution in order to ensure the best possible service for our players and the security of their personal, billing and account information.

We understand the effect this disruption has had for our players and apologize for not having been able to explain fully to the community what was going on. In these cases it can often be counterproductive to containment to give out information while we are in the process of evaluating the scope of any potential problem.

Our taskforce concluded at 22:05 that neither the game servers nor the CCP infrastructure had been breached. Further, we can also confirm that no personal details such as users’ credentials or credit card numbers were exposed through this incident.

The servers were brought back online at 23:00 and we will continue to monitor the situation closely.

Again, we sincerely apologize for this disruption.

Regards,

Jón Hörðdal

Chief Operating Officer

UPDATE: Shortly after service was restored to the EVE Online Tranquility server, the CCP Security Task force became aware of ongoing traffic flooding which prompted them to take the server offline. At 00:30 UTC, Tranquility was brought online again and is being closely monitored. Please be advised that we are prepared to take the server offline again if warranted. We thank you again for your patience and apologize for any inconvenience and sincerely thank you for your continued patience.

CODEMASTERS:

Important information regarding your account

--------------------------------------------------------------------------------
Dear valued Codemasters customer,

On Friday 3rd June, unauthorised entry was gained to our Codemasters.com website. As soon as the intrusion was detected, we immediately took codemasters.com and associated web services offline in order to prevent any further intrusion.

During the days since the attack we have conducted a thorough investigation in order to ascertain the extent and scope of the breach and have regrettably discovered that the intruder was able to gain access to the following:

Codemasters.com website
Access to the Codemasters corporate website and sub-domains.

DiRT 3 VIP code redemption page
Access to the DiRT 3 VIP code redemption page.

The Codemasters EStore
We believe the following have been compromised: Customer names and addresses, email addresses, telephone numbers, encrypted passwords and order history. Please note that no personal payment information was stored with Codemasters as we use external payment providers, meaning your payment details were not at risk from this intrusion.

Codemasters CodeM database
Members' names, usernames, screen names, email addresses, date of birth, encrypted passwords, newsletter preferences, any biographies entered by users, details of last site activity, IP addresses and Xbox Live Gamertags are all believed to have been compromised.

Whilst we do not have confirmation that any of this data was actually downloaded onto an external device, we have to assume that, as access was gained, all of these details were compromised and/or stolen.

The Codemasters.com website will remain offline for the foreseeable future with all Codemasters.com traffic re-directed to the Codemasters Facebook page instead. A new website will launch later in the year.

Advice
For your security, in the first instance we advise you to change any passwords you have associated with other Codemasters accounts. If you use the same login information for other sites, you should change that information too. Furthermore, be extra cautious of potential scams, via email, phone, or post that ask you for personal or sensitive information. Please note that Codemasters will never ask you for any payment data such as credit card numbers or bank account details, nor will Codemasters ask you for passwords or other personal identifying data. Be aware too of fraudulent emails that may outwardly appear to be from Codemasters with links inviting you to visit websites. The safest way to visit your favourite websites is always by typing in the address manually into the address bar of your browser.

Unfortunately, Codemasters is the latest victim in on-going targeted attacks against numerous game companies. We assure you that we are doing everything within our legal means to track down the perpetrators and take action to the full extent of the law.

We have begun contacting all customers who may be affected directly.

We apologise for this incident and regret any inconvenience caused.

Should you have any concerns or wish to speak to a member of our Customer Services team, please email them at custservice@codemasters.com.



Please use this thread to post your comments.