Eidos hacked

May 13, 2011

Seems that Sony’s not the only gaming company having security issues. Eidos has reported in a press release (below) that 25,000 email address, used for registration, were obtained as a result of a security breach.

It is satisfying to know that it doesn’t hold credit card details on the compromised server but other personal data has been accessed.

In addition, the website was defaced and I suspect this is the first indication there was a problem. However, after reading an interesting account of the hack it seems their plans may have been more destructive. WARNING. This transcript contains strong language.

It would be interesting to know if, along with registration email, an associated password was obtained. If so, there could be a bundle of trouble for those who still insist on using the same user name and password combination.

Press Release

Square Enix can confirm a group of hackers gained access to parts of our Eidosmontreal.com  website as well as two of our product sites. We immediately took the sites offline to assess how  this had happened and what had been accessed, then took further measures to increase the  security of these and all of our websites, before allowing the sites to go live again.

Eidosmontreal.com does not hold any credit card information or code data, however there are  resumes which are submitted to the website by people interested in jobs at the studio.  Regrettably up to 350 of these resumes may have been accessed, and we are in the process of  writing to each of the individuals who may have been affected to offer our sincere apologies for  this situation. In addition, we have also discovered that up to 25,000 email addresses were  obtained as a result of this breach. These email addresses are not linked to any additional  personal information. They were site registration email addresses provided to us for users to  receive product information updates.  No dissemination or misappropriation of any other personal information has been identified at  this point.

We take the security of our websites extremely seriously and employ strict measures, which we  test regularly, to guard against this sort of incident.