If you are a fan of Unreal Tournament from Epic Games or ever have participated in discussions on the online forums run by Epic Games, you possibly need to change your forum password as soon as possible.
It seems the Unreal Engine and its creators, Epic Games' forums have recently been compromised by an unknown hacker or a group of hackers, who have stolen more than 800,000 forum accounts with over half a Million from the Unreal Engine's forums alone.
The hackers get their hands on the forum accounts by exploiting a known vulnerability resided in an outdated version of the vBulletin forum software, which allowed them to get access to the full database.
Epic believes registration information that includes usernames, scrambled passwords, email addresses, dates of birth, IP addresses, and date of joining, may have been obtained in the attack.
"We believe a recent Unreal Engine and Unreal Tournament forum compromise revealed email addresses and other data entered into the forums, but no passwords in any form, neither salted, hashed, nor plaintext," announcement on the Unreal Engine forum website reads.
However, ZDNet
reports "their full history of posts and comments including private messages, and other user activity data from both sets of forums"have also been compromised.
Most of the stolen passwords are scrambled that can not be cracked easily, but hackers could exploit other stolen data to send phishing messages to forum members' email addresses in an effort to infect their systems with ransomware or other malicious software.
Epic Game Players at Risk
Moreover, there is bad news for players of Infinity Blade, UDK, Gears of War, and older Unreal Tournament games, as hackers may have compromised their salted hashed passwords, along with their email addresses and other data entered into the forums.
At the time of writing, the
Epic Games' forumand
Unreal Engine forumsboth appeared to be down.
So, users are advised to change their passwords for the forum accounts as soon as possible and keep a longer and stronger one this time and change passwords for other online services, especially if you use the same password for multiple sites.
You can use a
good password managerthat allows you to create complex passwords for different sites and remember them for you.
We have listed some
best password managersthat could help you understand the importance of password manager and help you choose a suitable one, according to your requirement.
LeakedSource, a search engine site that indexes leaked login credentials from data breaches, has added the breached data from the Epic Games' forums into its database, which includes the password hashes to allow its users to search for their stolen data.
from The Hacker News http://ift.tt/2bAuvZV
No comments:
Post a Comment
Note: Only a member of this blog may post a comment.