'Forum Data Breach - Please Change Your Password'-Albion Online users' information compromised

Elizabeth Meade details the latest controversy surrounding a data breach of Albion Online uses' personal data

Elizabeth Meade
29th October 2020
On 17 October, Albion Online reported that their forum's data had been breached, encouraging members to change their passwords. User Talion, a company representative who is quite active on the forum, explained that members' email addresses and encrypted passwords were compromised. 

Talion reassured users that the encrypted passwords would not be usable to login; however, he conceded that, "there is a small possibility they could be used to identify accounts with particularly weak passwords." 

Robert Prigge, CEO of identity verification company Jumio Corp., weighed in as well, disagreeing: “As hashed passwords can be easily deciphered, cybercriminals can leverage bots and credential stuffing to try these login credentials across countless websites (including banking portals, social media accounts, healthcare sites and more) in search of an opening.” The breach's long-term consequences remain to be seen.

Cybersecurity enthusiasts may be interested to know that the encrypted passwords were "hashed and salted"  -a delicious way to prepare vegetables and sensitive data alike.

Sandbox Interactive GmbH, the Berlin company behind the MMORPG Albion Online, uses forum software called WoltLab Suite - a program based on the infamously insecure MyBB forum software. Bugcrowd CEO Ashish Gupta responded to the incident, suggesting that "organizations must learn...that vulnerabilities exist in every platform." He claimed that a "layered security approach" is needed to "find security vulnerabilities faster and gather actionable insights to increase resistance to cyber-attacks." Sandbox Interactive has claimed that they are "fixing vulnerabilities and informing players about this incident."

Cybersecurity enthusiasts may be interested to know that the encrypted passwords were "hashed and salted"  -a delicious way to prepare vegetables and sensitive data alike. Bcrypt hashing, the technique's formal title, involves applying a special formula to the passwords before "salting" them with data, making them difficult to decipher. Making a strong password is still important - using numbers and special characters in place of letters and abbreviating phrases so they don't form recognizable words are good ways to make your passwords more secure.

[Featured Image: IGDB]
(Visited 127 times, 1 visits today)
AUTHOR: Elizabeth Meade
(she/her) 4th year Chem student. Former Head of Current Affairs and Former Science Sub-Editor. Avid reader. Chaos theorist. Amateur batrachologist and historian. Rock fan. Likes cybersecurity and cooking. Wrote the first article for Puzzles. Probably the first Courier writer to have work featured in one of Justin Whang's videos.

Leave a Reply

Your email address will not be published. Required fields are marked *

Comments

ReLated Articles
magnifiercross
linkedin facebook pinterest youtube rss twitter instagram facebook-blank rss-blank linkedin-blank pinterest youtube twitter instagram
Copy link
Powered by Social Snap