Five months after Gamigo, a German Massively Multiplayer Online Role-playing Game (MMORPG) publisher, suffered a data breach that was said to have exposed millions of accounts, the attackers have confirmed the damage by releasing more than 8 million passwords and email accounts taken during the incident.
In February, Gamigo waned users about an attack on a database housing gamer information. At the time, the gaming developer would not rule out the possibility that the attackers had kept the information they accessed. As it turns out, this is exactly what happened.
After working on the list for months, 8.24 million email and password combinations were published to the Web this week by the attackers, or someone who had access to their cache of hijacked data. The list itself is 11 million records, but almost 6% of those records are duplicates. Just over half of the leaked accounts (3.7 million) are from France and German ISPs, while U.S. based ISPs are listed some 3 million times.
Given the time between the actual breach and publication of the compromised data, Gamigo customers are likely not at risk of having their gaming experience hindered. The problem is that many of them likely use the same authentication across multiple websites.
So the beach at Gamigo could lead to compromised accounts on other domains.
The Gamigo leak makes it one of the largest breaches this year, and earns its place alongside Yahoo, LinkedIn, eHarmony, Phandroid, NVIDIA, Last.fm, and Formspring. The game developer has not issued a statement or posted any public comments on the recently published data.
More from Steve Ragan
- Anonymous Claims Attack on IP Surveillance Firm Brickcom, Leaks Customer Data
- Workers Don’t Trust Employers with Personal Data: Survey
- Root SSH Key Compromised in Emergency Alerting Systems
- Morningstar Data Breach Impacted 184,000 Clients
- Microsoft to Patch Seven Flaws in July’s Patch Tuesday
- OpenX Addresses New Security Flaws with Latest Update
- Ubisoft Breached: Users Urged to Change Passwords
- Anonymous Targets Anti-Anonymity B2B Firm Relead.com
Latest News
- KeePass Update Patches Vulnerability Exposing Master Password
- AntChain, Intel Create New Privacy-Preserving Computing Platform for AI Training
- Keep Aware Raises $2.4M to Eliminate Browser Blind Spots
- Google Workspace Gets Passkey Authentication
- Cybersecurity Startup Elba Raises €2.5 Million for Employee-Focused Product
- Zoom Expands Privacy Options for European Customers
- Several Major Organizations Confirm Being Impacted by MOVEit Attack
- Apple Unveils Upcoming Privacy and Security Features
