2 réponses à ce sujet

[Aaryn Flynn]

We are continuing our investigation of the unauthorized intrusion of the decade-old BioWare server system supporting the Neverwinter Nights forums.  As we previously stated, we have determined that no credit card data was compromised from the servers, nor did we ever have or store sensitive data like social security numbers. Our investigation shows that information such as user names, encrypted passwords, email addresses, mailing addresses, names, phone numbers, CD keys and birth dates from accounts on the server system associated with Neverwinter Nights may have been compromised. Accordingly, in an abundance of caution, we are emailing those whose accounts were potentially affected and either disabling their forum accounts or resetting their EA Account passwords.

We take the security of your information very seriously and regret any inconvenience this may have caused our customers and fans. If your username, email address and/or password on your Neverwinter Nights account are similar to those you use on other sites, we recommend changing your password at those sites as well. We advise all of our fans to always be aware of any suspicious emails or account activity and report any suspicious emails and account activity to Customer Support at 1-877-357-6007. Aaryn FlynnStudio GM, BioWare EdmontonVP, Electronic Arts

Updated FAQ: http://support.ea.co...tail/a_id/5367/

*********************************************************************
JUNE 15 POST
Yesterday (June 14), we learned that a hacker gained unauthorized access to the decade-old BioWare community server system associated with the Neverwinter Nights forums.  We immediately took appropriate steps to protect our consumers’ data and launched an ongoing evaluation of the seriousness of the breach.  We have determined that no credit card data was compromised, nor did we ever have or store sensitive data like social security numbers.  However hackers may have obtained information such as user account names and passwords, email addresses, and birth dates of approximately 18,000 accounts--a very small percentage of total users.  We have emailed those whose accounts may have been compromised and either disabled their accounts or reset their EA Account passwords. If you did not receive an email from us, or if your password still works for your EA account, your username and password were not compromised.  Nevertheless, changing your password regularly is always helpful to protect your account.

We take the security of your information very seriously and regret any inconvenience this may have caused you.  If your username, email address and/or password on the Neverwinter Nights forums are similar to those you use on other sites, we recommend changing your password at those sites as well.  We advise all of our fans to always be aware of any suspicious emails or account activity and report any suspicious emails and account activity to Customer Support at 1-866-543-5435.  

Aaryn Flynn
Studio GM, BioWare Edmonton
VP, Electronic Arts


http://support.ea.co...tail/a_id/5367/

Modifié par Aaryn Flynn, 23 juin 2011 - 07:36 .

[Aaryn Flynn]

As a security precaution the latest email went out to all BioWare account holders regardless of game ownership. If there was an EA account attached to your BioWare account EA has reset the passwords for those accounts. If you are having any problems with your account or password please call EA Support as they are there to help: 1-877-357-6007.

We really appreciate your support and are focused on having everything remediated as soon as possible.

Aaryn

[Jesse Reid]

Hey everyone, just wanted to clear up a few things that I've seen.

The system that was hacked was our legacy servers. Social is hosted at a different location and was not comprised in this attack. Your passwords were reset as a precaution.

If you are not getting your password reset email right away there might be a delay in getting the email due to the volume of requests, I had to wait about an hour last night when mine was reset.

When Social was first launched all new accounts were created on both it and our legacy forums. This was done to prevent people from registering with display names already in use on our legacy site. We turned that off eventually but for those of you who remember creating only a Social account that is why your password was reset last night.

We really appreciate the feedback you have been giving us.

Modifié par Jesse.Reid, 24 juin 2011 - 09:00 .