Game publisher Ubisoft is the latest to get hacked. At least one and possibly several bad actors found a way in to one of its Web sites and carried away user data.
"We recently found that one of our Web sites was exploited to gain unauthorized access to some of our online systems," the company said in a statement. "We instantly took steps to close off this access, to begin a thorough investigation with relevant authorities, internal and external security experts, and to start restoring the integrity of any compromised systems."
The bad news: During this process, the company learned that data was illegally accessed from its account database, including user names, e-mail addresses and encrypted passwords. The good news: No personal payment information is stored with Ubisoft, so consumers' debit or credit card information was safe from the intrusion.
Not the First Time
Still, Ubisoft is recommending users change their password. And, out of what the firm calls an "abundance of caution," also recommends users change their password on any other Web site or service where the same or a similar password is used.
Here's how it happened: Credentials were stolen and used to illegally access Ubisoft's online network. The company said it can't go into specifics for security reasons. But the attack did not originate via Uplay services.
"Ubisoft's security teams are exploring all available means to expand and strengthen our security measures in order to better protect our customers. Unfortunately, no company or organization is completely immune to these kinds of criminal attacks. There is no evidence that this intrusion is related to any other game company's previous security incidents."
This is not the first time hackers have targeted Ubisoft. In November 2009, Ubisoft's Splinter Cell Web site was hacked. According to Sophos, visitors to the Web site were greeted with a message in Russian. Sophos suspected it may have been a publicity stunt, but were not able to confirm it.
Illegal Online Pharmacies Shuttered
In other security news, the FDA has closed 1,677 illegal online pharmacies. The FDA said many of these Web sites appeared to be operating as a part of an organized criminal network that falsely purported its Web sites to be "Canadian Pharmacies."
These Web sites displayed fake licenses and certifications to convince U.S. consumers to purchase drugs they advertised as "brand name" and "FDA approved." The drugs received as part of Operation Pangea were not from Canada, and were neither brand name nor FDA approved. These Web sites also used certain major U.S. pharmacy retailer names to trick U.S. consumers into believing an affiliation existed with these retailers.
"Illegal online pharmacies put American consumers' health at risk by selling potentially dangerous products. This is an ongoing battle in the United States and abroad, and the FDA will continue its criminal law enforcement and regulatory efforts," said John Roth, director of the FDA's Office of Criminal Investigations. "The agency is pleased to participate in Operation Pangea to protect consumers and strengthen relationships with international partners who join in this fight."
Posted: 2013-07-02 @ 3:39pm PT
Why do these huge 'corporations' operate so lame and weak, with such a web presence and profit mind you, to be hacked and let sensitive users info be obtained ??? Are their security and IT dept. personnel playing games or on bigger than normal lunch breaks ?! The CEO and all upper management should be fired, not to mention the IT and security personnel. And personally I would NEVER deal with such a company again. Period.