Chaos Computer Club Annual Congress - Getty Images Everyone hates a copycat, but the cyber attack on Sony's PlayStation Network has created more than a few. For hackers seeking notoriety or fame, there is no easier target these days than gaming companies.
The latest victim is Bethesda Software, makers of hit games like Fallout 3 and the Elder Scrolls titles. LulzSec, the group that has claimed responsibility for the Memorial Day weekend takeover of PBS Websites (posting false news stories that rapper Tupac Shakur was still alive and living in New Zealand), says it has breached the company's servers and plans to release the data today.
Bethesda confirmed a hack attack, saying it did not believe any financial data was taken, but it was possible that user names, email addresses and passwords were stolen. It's recommending people change passwords on all of its sites, including community forums and the statistics site for the multiplayer action shooter Brink.
"We regret any inconvenience that these attacks on us cause for you. These attacks will be evaluated to determine if there are any additional protections we might take that would be prudent," the company said.
LulzSec, as usual, isn't giving a motive for the attack, but it's beating its chest to claim bragging rights.
"We did it because they couldn't stop us - and did it we did, as you'll see," the group tweeted early Monday morning. "We always deliver."
LulzSec has been escalating its attacks on gaming outlets this week. The group declared Tuesday "Titanic Takedown Tuesday" and went on the offensive.
First, it claimed responsibility for incapacitating the gaming news and opinion site The Escapist, apparently in part because it was unhappy with the comments of several posters. Within an hour, it said it had taken down the login servers of massively-multiplayer game EVE Online as well as the game's website -- and moments after that, it added the login server for smash game Minecraft to its boasts.
While it can't immediately be verified that LulzSec was responsible for the attacks, all three of the companies it claimed to be targeting were, in fact, down at the time of the boasts. The method of attack appeared to be a DDoS attack rather than an actual hack of the company's servers, but given LulzSec's history, it may be weeks before officials are certain the group did not abscond with any personal or financial information.
These most recent attacks follow one from another group of
hackers on Epic Games late last week. Company CEO Tim Sweeney shared the
information in a
statement, noting that the hackers "likely obtained the email
addresses and encrypted passwords of forum users. Plain text passwords weren't
revealed, but short or common passwords could be obtained by brute-force
Epic doesn't store financial information, so there are no
risks in that incident.
Even Nintendo isn't immune. While the company hasn't been officially
hacked, it says it did discover a possible phishing threat on its European
website last week and shut parts of that down to further investigate.
Eidos and Codemasters have been hit as well. In mid-May,
hackers took up to 25,000 email addresses and 350 resumes from the Eidos
servers, while Codemasters shut its site down for a while in early June
following an unauthorized intrusion.