On 17 October, Albion Online reported that their forum’s data had been breached, encouraging members to change their passwords. User Talion, a company representative who is quite active on the forum, explained that members’ email addresses and encrypted passwords were compromised.
Talion reassured users that the encrypted passwords would not be usable to login; however, he conceded that, “there is a small possibility they could be used to identify accounts with particularly weak passwords.”
Robert Prigge, CEO of identity verification company Jumio Corp., weighed in as well, disagreeing: “As hashed passwords can be easily deciphered, cybercriminals can leverage bots and credential stuffing to try these login credentials across countless websites (including banking portals, social media accounts, healthcare sites and more) in search of an opening.” The breach’s long-term consequences remain to be seen.
Cybersecurity enthusiasts may be interested to know that the encrypted passwords were “hashed and salted” -a delicious way to prepare vegetables and sensitive data alike.
Sandbox Interactive GmbH, the Berlin company behind the MMORPG Albion Online, uses forum software called WoltLab Suite – a program based on the infamously insecure MyBB forum software. Bugcrowd CEO Ashish Gupta responded to the incident, suggesting that “organizations must learn…that vulnerabilities exist in every platform.” He claimed that a “layered security approach” is needed to “find security vulnerabilities faster and gather actionable insights to increase resistance to cyber-attacks.” Sandbox Interactive has claimed that they are “fixing vulnerabilities and informing players about this incident.”
Cybersecurity enthusiasts may be interested to know that the encrypted passwords were “hashed and salted” -a delicious way to prepare vegetables and sensitive data alike. Bcrypt hashing, the technique’s formal title, involves applying a special formula to the passwords before “salting” them with data, making them difficult to decipher. Making a strong password is still important – using numbers and special characters in place of letters and abbreviating phrases so they don’t form recognizable words are good ways to make your passwords more secure.[Featured Image: IGDB]
albion online breaches bugcrowd cyber attack cyber incident cyber security Data data harvesting gaming Gaming News hacking Internet jumio corp MMORPG mybb Online Gaming passwords PC games PC Gaming sandbox interactive gmbh woltlab suite
Last modified: 29th October 2020