Hack Attempts Against Bethesda's Websites

I did catch someone trying to log onto my dummy fb account. Were the passwords stored in plaintext?

Think of it like this - lulz were seemingly able to gain complete access to their internal network. The files clearly show lists of internal servers, which could include those used to house source code for upcoming games. The list seemed to include some id software servers too. This kind of hack (allegedly) caused Half-Life 2 to be delayed even longer than it had been already - luckily, Valve were cash-rich enough to take that on the chin and still release a great game. Bethesda probably are too, but it’s not like you want to test that Especially since they have more things going on now, than Valve did when the hack hit them - HL2 was their only main project back then. Bethesda have plenty of goodies that they wouldn’t want finding their way onto pirate bay in pre-release form.

Companies offering online services should be spending far more on security than they are doing - granted it’s a horrible way to find out for most people involved, but it does highlight the fact that not enough is spent on security right now. Many, many people will be in the same boat (no pun intended :)) - and will probably continue to do nothing about it, until they are forced. They require us to submit information to access their services - therefore every effort should be made to secure and protect that information. If the cost is too high to do that - the services should not be offered in the first place. Harsh maybe, but it makes a lot of sense

i read that they said they hacked here 2 months ago! so, 2 months to tell us eh? great!

[QUOTE=dazman76;338586]Think of it like this - lulz were seemingly able to gain complete access to their internal network. The files clearly show lists of internal servers, which could include those used to house source code for upcoming games. The list seemed to include some id software servers too. This kind of hack (allegedly) caused Half-Life 2 to be delayed even longer than it had been already - luckily, Valve were cash-rich enough to take that on the chin and still release a great game. Bethesda probably are too, but it’s not like you want to test that Especially since they have more things going on now, than Valve did when the hack hit them - HL2 was their only main project back then. Bethesda have plenty of goodies that they wouldn’t want finding their way onto pirate bay in pre-release form.

Companies offering online services should be spending far more on security than they are doing - granted it’s a horrible way to find out for most people involved, but it does highlight the fact that not enough is spent on security right now. Many, many people will be in the same boat (no pun intended :)) - and will probably continue to do nothing about it, until they are forced. They require us to submit information to access their services - therefore every effort should be made to secure and protect that information. If the cost is too high to do that - the services should not be offered in the first place. Harsh maybe, but it makes a lot of sense :)[/QUOTE]

Yeah. I agree with pretty much everything you say. Still don’t like having been part of the hacked innocents :rolleyes:
Ah well. Could have been worse.

“How rude, I do hope somebody stabs those men in the eyes”

The Simpsons are always relivent,

-J Omega

They took my account on the brink website cause i cant get in

And the “moral” part of the hacking suddenly comes into question (someone else noticed an attempt to get onto his facebook page too).

If you use this password & email combo to log onto any other site it’s time to go change all your passwords

Used LastPass, to store and generate random passwords for all 22 websites I have accounts for… took me a few hours, but at least I should be somewhat safe. Printed them off as well just to be sure.

would that work for me? i have 3 PCs i use and my iPhone 4 too. is it just like a browser addon that auto fills out the passwords? how does that work for eBanking?

also, what happens if lastpass gets hacked?!?!

yeah im about to do the same.

Lastpass:D
Well its addon for browser,getting info there is bit work.
My SD password is 62 letters long,including letters,numbers,alpha letters,its very unique:d
My old pass was:
S-Z-p4s5l4s-Däää4—M-Age-R-u-Z-l-Z-z-LLL1-2-3-1-2-1HzHzH5J3-J-ä-NN-3-SI5TssS-C0Oo=oL
I wroted passwords into my notebook,pretty safe,but thats how strong password looks.
As you read= SplashdamageRulzitsCool
Adding BIG-small letter and numbers makes it unique.

Example:
Take an sentence or word-
IplayBRINK
Now make it harder:
1Pl4yBr1Nk
Now add -(=8,8…etc tags:
1–Pl4=yB124r!!21N???=)k_2231329149fjks

Proof it

123abc all the way.

[QUOTE=Genert;338648]Lastpass:D
Well its addon for browser,getting info there is bit work.
My SD password is 62 letters long,including letters,numbers,alpha letters,its very unique:d
My old pass was:
S-Z-p4s5l4s-Däää4—M-Age-R-u-Z-l-Z-z-LLL1-2-3-1-2-1HzHzH5J3-J-ä-NN-3-SI5TssS-C0Oo=oL
I wroted passwords into my notebook,pretty safe,but thats how strong password looks.
As you read= SplashdamageRulzitsCool
Adding BIG-small letter and numbers makes it unique.[/QUOTE]

but as i say i have to have access via several machines. not just one. so that complicates things

You could use something like KeyPass which is a standalone store. Then use something like dropbox to keep it sync’ed across all machines (save to the dropbox folder).

Upsides: good passwords accessible from all machines.

Downsides: manual copy/paste passwording, if someone gets into your dropbox and is able to crack the dropbox encryption then you’ll be changing a lot of passwords.

I haven’t really used keypass myself. Used to use it at an old job. Apparently the encryption is good and as long as you make your dropbox account secure you should be fine.

EDIT: you can bypass the dropbox thing and keep it on a flash drive, adding a physical layer of security. Just don’t lose the flash drive (and make sure it’s backed up somewhere safe).

Regarding the stats site, there’s some maintenance going on at the moment and things will be back to normal soon.

It really angers me that I haven’t received an email about the hack. Only a fraction of Brink players read Bethesda’s blog or this message board. A few hundred of us know, but thousands of others don’t. Nice job Bethesda.

Hand-written small notebook stored in an old dusty mildewed carved book
(last part was made just for the sake of fooling around with old stuff from the attic)

Also, I was never born the same day, with the same name, in the same country. And boatload of spam-dedicated addresses.

Password ‘tips & tricks’ set aside, LulzSec now tastes like bittersweet to me.

Bittersh** would be more accurate to be honest (please pardon my words).

. . .

At first, because they’re targeting Bethesda/ZeniMax, who haven’t done anything truly “wrong” recently.

The only possibility could be the announcement of Skyrim being a dumbed-down game to meet a broader audience, but it’s just an announcement : so many publishers/devs repeated their game wasn’t dumbed down and was for hardcore gamers, and of course there was an enormous disappointment on the release day. We were lied to.
While when Bethesda clearly set the tone and tell us they’re going for a “broader audience” game, we know what’s coming around the corner.

imo there’s no “reason” to cause problems to Bestheda/Zenimax : Skyrim isn’t out yet, apparently id Software are fine with their new owner and we can’t know if Rage will be good or not, and ex-Starbreeze devs are okay to work with them.

. . .

Then, they claim they’re doing that “for the lulz”, that they’re not looking for morality, so questioning whether Bethesda deserved it or not is being off-topic. Okay. Pure LuLz.

Even if it’s not something you can define, “lulz” could be understood as a “corruption of lol” (in all meanings). Of course, legal =/= lulz.

[ul][li]Scanning all important companies networks for vulnerabilities, then making fun of the amount of epicfail => lulz-like[/li].
[li]Defacing a website with appropriately-lulzy content (shocking/pr0n/funny stuff), modifying the website a little to bring the lulz-joke to another level => lulz-like[/li].
[li]Dumping harvested informations (minus credit card information) to the public eye => can turn out being very cruel, but it’s still lulz-like[/li].
[li]Using/selling/dumping credit card informations => not lulz-like (exception : sending pizza/strippers/mexican folk band/etc to their office/home)[/li]“lulz” is not about the money, sure money can be a tool to get moar lulz but it’s not the final purpose (which is the lulz)
.
[li]Extortion => not lulzy at all. (yay threats to Unveillance)[/li][/ul]

It’s doing it for the money only (1), using real economical/business/life threats (2), without any form of humor (3). It’s being a mafia without any form of moral code. They should grow a pair and call themselves the e-Cosa Nostra.

Using the latest popular meme (nyan cat) to disguise as just a part of the “the new culture of the Internet” (“you can’t understand us, so you can’t judge our actions !”) only to cover their extortion business is a really lame (and coward) move.

LulzSec is not longer made of Lulz, it is made of the exact same greed composing the MAFIAA : a bunch of guys trying to transform their power of nuisance into money in one single step, being way too lazy to elaborate a new business model or to turn their power of nuisance into a useful asset (for lulz or for well-deserved-money).

Seriously, next time drug trafficking and continent-wide prostitution will be labelled as “made of lulz” simply because it’s not morally acceptable and against the law/state/dad figure ?

Anyone can threaten someone else to get his mobile phone/car/money/informations, what LulzSec is doing is just the same **** all delinquents/criminals are doing on a daily basis since the beginning of time, there’s nothing new, nothing original. I am disappoint.

[QUOTE=trigg3r;338261]LulzSec
Bethesda, give everyone more info on Skyrim and we’ll keep the user database to ourselves. However we are going to embarrass you anyway.[/quote]

Haven’t they learned anything from TV/the News?..People do not negotiate with terrorists.

Bull. They did not take passwords.