Talion reassured users that the encrypted passwords would not be usable to login; however, he conceded that, "there is a small possibility they could be used to identify accounts with particularly weak passwords."
Robert Prigge, CEO of identity verification company Jumio Corp., weighed in as well, disagreeing: “As hashed passwords can be easily deciphered, cybercriminals can leverage bots and credential stuffing to try these login credentials across countless websites (including banking portals, social media accounts, healthcare sites and more) in search of an opening.” The breach's long-term consequences remain to be seen.
Cybersecurity enthusiasts may be interested to know that the encrypted passwords were "hashed and salted" -a delicious way to prepare vegetables and sensitive data alike.
Sandbox Interactive GmbH, the Berlin company behind the MMORPG Albion Online, uses forum software called WoltLab Suite - a program based on the infamously insecure MyBB forum software. Bugcrowd CEO Ashish Gupta responded to the incident, suggesting that "organizations must learn...that vulnerabilities exist in every platform." He claimed that a "layered security approach" is needed to "find security vulnerabilities faster and gather actionable insights to increase resistance to cyber-attacks." Sandbox Interactive has claimed that they are "fixing vulnerabilities and informing players about this incident."
Cybersecurity enthusiasts may be interested to know that the encrypted passwords were "hashed and salted" -a delicious way to prepare vegetables and sensitive data alike. Bcrypt hashing, the technique's formal title, involves applying a special formula to the passwords before "salting" them with data, making them difficult to decipher. Making a strong password is still important - using numbers and special characters in place of letters and abbreviating phrases so they don't form recognizable words are good ways to make your passwords more secure.[Featured Image: IGDB]