23 réponses à ce sujet

[vometia]

For those who haven't seen this topic, I thought it was important to bring forum members' attention to what appears to be a serious security breach of EA's servers.  A number of people have reported that the unique email address they used to register with EA has started receiving spam from gambling sites and the like, and after changing my contact details I started seeing spam being sent to the new address too, so the compromise appears to be of an extended duration and is possibly ongoing.

A more serious matter is that one forum member has reported that there have been unauthorised attempts to use their credit card.  Although this can't definitely be traced back to the same breach that's responsible for the spamming, it's highly coincidental and it's not an unreasonable assumption that if members' contact details can be accessed, perhaps payment details have also been compromised.

In lieu of an official response by EA there's not much more that can be said, other than to keep a close eye on your card statements for anything suspicious.  Which is a good idea anyway, but more so when there's an ongoing problem whose scope isn't entirely clear.

[Ponce de Leon]

Thanks for the heads up. Will link this thread through a status, to give a warning to the people I know here.

[Druss99]

Really need a gaming website to take up the story and add some hyperbole to get an EA response I reckon.

[Swordfishtrombone]

Thanks for the warning. Seems like something EA really needs to look into, and quickly - potentially a very serious problem.

[Dominus]

That's why I never try to save credit card information online, I just don't trust that sort of thing.

Thanks for the heads up.

Modifié par DominusVita, 02 avril 2011 - 01:38 .

[Moondoggie]

Removing any saved information from the Bioware points page would be a good way to protect yourself. Transactions are still at risk however many sites have decent precautions to protect transactions so they might be okay.

It really does need looking into and i'd hazard a guess that it's already being looked into behind the scenes. It's not the sort of thing you don't notice on your company servers. It's kind of to be expected tbh with the ammount of attention online Bioware and EA have had over the last month with various "scandals" and attention seekers sucking those stories for all their worth you get 4chan style sites wanting to create revenge attacks on the EA servers and i'd bet anything it's some symptom of trolling sites picking up on the whole banned from playing Dragon Age 2 story.

[Dominus]

All the information of billing address and credit cards were all left blank, so I guess it's time to play it safe for now and hope the hackers aren't on their way to screw me over.

[vometia]

Moondoggie wrote...

Removing any saved information from the Bioware points page would be a good way to protect yourself.

Excellent advice: I hadn't even thought of looking there. Fortunately I don't have any card details saved, but it's probably a good idea to check it out anyway: since the data leak is potentially still ongoing, it could save aggravation if saved card details are deleted if there's a risk that they may yet be accessed.

[Blood-Lord Thanatos]

**** it! I hate this kind of crap

[Rose of Mars]

Damn... Just when I was starting to be less paranoid about online transactions... >.<

Thanks for the heads up! :3

[Mercuron]

And here I was thinking BestEuropeCasinoGet, BestPokerSoon and ForYouPokerRoomSoon were standard titles on emails concerning religion and preaching!

[Gyrannon]

Security breach like this?: (Recieved via yahoo, from Bioware Social Network)

-------------------------------------------
Hallo [NUTZERNAME],

[AUTORENNAME] hat auf dein Thema geantwortet: [THEMA_TITEL

Bitte klicke auf den folgenden Link, um es anzusehen:
[THEMA_URL]

Viele Grüße,
Soziales Netzwerk Administration
---------------------------------------------------

All I can think is "Huhhhhhhh........??????"

[Arlana Tabris]

@ Gyrannon: That's actually a standard BSN notification e-mail, if someone who has their language set to something other than English answers your topic. AFAIK, only the English version of that e-mail shows as intended (with the links and names).
You can switch off the notifications that you don't need in Profile -> Account Settings and Profile -> Forum Settings.

I've been getting spam on my BSN e-mail too - same senders as the ones Mecuron mentioned.
Thanks for the heads-up on the online transactions.

[Gyrannon]

Arlana Tabris wrote...

@ Gyrannon: That's actually a standard BSN notification e-mail, if someone who has their language set to something other than English answers your topic. AFAIK, only the English version of that e-mail shows as intended (with the links and names).
You can switch off the notifications that you don't need in Profile -> Account Settings and Profile -> Forum Settings.

I've been getting spam on my BSN e-mail too - same senders as the ones Mecuron mentioned.
Thanks for the heads-up on the online transactions.

Thing is, I always get english notifications an they have links in them. But this one was not the standard that I usually recieve, and it has no links in them, just a bunch jumbled up words an codes an plus I think BSN's servers know that I want only english notifications an send it as such instead of sending it in a language I clearly can't read or speak. Either it is a breach or it's just a random glitch in the servers.

[Arlana Tabris]

The notifications aren't in the language of the OP, but in the language of the poster. The person who posted in your thread chose German as the language for this site and every notification send by their account will come in German as well. The reason why you were always getting English notifications up until now is that the posters in your thread had chosen English as the language for this site.

[Nattfare]

I'm changing to buccaneer or 1337 now if that should that happen to me.

[Arlana Tabris]

@ Nettfare: I think the languages available for notifications are only the four available for the forums, so English, German, French and Polish.

EDIT: I could be wrong though. I have never tested that theory.

           Also, apologies to the OP for writing off-topic posts. Hopefully the bump will finally get us an answer concerning
           the spam and online transactions.

Modifié par Arlana Tabris, 03 avril 2011 - 10:35 .

[Nattfare]

Ah..

[Gyrannon]

Well I just alerted Chris that this topic needs his response, so we might see his reply soon

[Travie]

Very strange... thanks.

[Miles McDude]

 So...are they going to give us new serial numbers?
WTF?

[FatjoeBRO]

so that email i got from AAryn something wasnt a phishing email? hrmmm looked fishy to me haha

[darth_lopez]

FatjoeBRO wrote...

so that email i got from AAryn something wasnt a phishing email? hrmmm looked fishy to me haha

you recieved an e-mail too?