It’s getting to the point where Anonymous is like the Eye of Sauron: You don’t even want them looking in your general direction. As reports of the internet bogeyman collective’s splintering eke out, people formerly affiliated with Anonymous–who may or may not be responsible for the Playstation Network outage–continue to wreak havoc on video game-related websites.
The latest breach involves Eidos, the company best known for the Tomb Raider franchise, and the website for their upcoming action RPG Deus Ex: Human Revolution. According to KrebsOnSecurity.com, the responsible parties tried to pin the hack on the “Ryan” who outed the internal strife amongst the ranks of Anonymous. Along with being scapegoated by angry fellow hackers, “Ryan”‘s former comrades also leaked personal information about him. The Krebs link includes a chatlog from alleged culprits “ev0” and “nigg” where they discuss their plan of attack. In addition to defacing the official website for the upcoming Deus Ex title, the hackers apparently made off with personal data on 80,000 users who visited Eidos’ websites.
Square Enix–the parent company of Eidos–issued a statement on their forums, which read as follows:
“Square Enix can confirm a group of hackers gained access to parts of our Eidosmontreal.com website as well as two of our product sites. We immediately took the sites offline to assess how this had happened and what had been accessed, then took further measures to increase the security of these and all of our websites, before allowing the sites to go live again.
Eidosmontreal.com does not hold any credit card information or code data, however there are resumes which are submitted to the website by people interested in jobs at the studio. Regrettably up to 350 of these resumes may have been accessed, and we are in the process of writing to each of the individuals who may have been affected to offer our sincere apologies for this situation. In addition, we have also discovered that up to 25,000 email addresses were obtained as a result of this breach. These email addresses are not linked to any additional personal information. They were site registration email addresses provided to us for users to receive product information updates.
No dissemination or misappropriation of any other personal information has been identified at this point.
We take the security of our websites extremely seriously and employ strict measures, which we test regularly, to guard against this sort of incident.”
If the current trend of Anonymous and Fauxnonymous shenanigans continues, it’s going to be a long, dreadful summer. Not just for video game companies, either, but also for anyone who incurs the mercurial wrath of the hackers. Here’s hoping that game companies start fortifying their web defenses to protect their users’ info.