High-profile hacking is in the news again. Riot Games told players of its mega-hit MOBA League of Legends that the database containing player info in several European countries has been hacked.
Riot said no billing information got out but hackers did access e-mail address, account passwords, dates of birth and summoner names. A “small number” of players’ security questions and real names got out, too.
Riot recommends European players change their passwords (I’m going to recommend you do that no matter what territory you’re in).
The hack led to Riot Games discovering that 11 different passwords were in use by more than 10,000 players. The number of people that had the exact same password as another person was in the double digits. Even though the database is encrypted, more than half of the passwords on file were simple enough a veteran hacker could crack them. Players should also be on the lookout for phishing attempts targeting the e-mails associated with the accounts.The vulnerability that allowed the hacking is now fixed, according to Riot. New security measures are coming as well.
Hacking was one of 2011’s defining tech stories, thanks to the exploits of Lulzsec. Gaming-related sites are an especially juicy targets, because they often require credit card information. They also are an obvious “tell” as to what types of entertainment a credit card user might like. Many people use the same password for various accounts (a security no-no) so cracking one can be a profitable venture for a hacker.
The attack that took down PlayStation Network was perhaps the best known in video games but far from the only one. A FIFA 12-related hack became part of a surprisingly sophisticated money laundering scheme.
Read [League of Legends]