Send News. Want a reply? Read this. More in the FAQ.   News Forum - All Forums - Mobile - PDA - RSS Headlines  RSS Headlines   Twitter  Twitter
Customize
User Settings
Styles:
LAN Parties
Upcoming one-time events:
Greenbelt, MD 08/22

Regularly scheduled events

Epic Hacked

A break-in on the Epic Games Website is the latest in a rash of data breaches on gaming websites. Here's a note from Epic passed along by Mouser:

Our Epic Games web sites and forums were recently hacked. After some downtime, they're back up and running now.

The hackers may have obtained the email addresses and encrypted passwords of forum users. Plaintext passwords weren't revealed, but it's possible that those passwords could be obtained by a brute-force attack on the encrypted passwords. Therefore, we have reset all passwords. Your new password at the bottom of this message.

The Unreal Developer Network (UDN) hasn't been compromised. Thankfully, none of our web sites ask for, or store, credit card information or other financial data.

We're sorry for the inconvenience, and appreciate everyone's patience as we wrestle our servers back under control.

Tim Sweeney
Founder, Epic Games Inc

View
59 Replies. 3 pages. Viewing page 1.
< Newer [ 1 2 3 ] Older >

59. Re: Epic Hacked Jun 14, 2011, 09:16 Fibrocyte
 
Slashman wrote on Jun 12, 2011, 12:12:
Fibrocyte wrote on Jun 12, 2011, 11:48:
To speculate that Epic dropped the ball in this case is moronic.

Note: I'm not saying Epic is innocent or guilty of anything.

How do you reconcile these two statements exactly? You're not saying they are innocent or guilty...but it's moronic to speculate that they dropped the ball(which implies guilt)? Thinking2

Sigh... It's rather straightforward.

People posting to this thread have zero data to state whether Epic dropped the ball or the hackers got in using some unknown exploit. Yet people are doing it left and right.

My follow-on note states that I am not one of those jokers. I'm not going to say they did or didn't do something stupid until there's evidence.
 
Reply Quote Edit Delete Report
 
58. Re: Epic Hacked Jun 14, 2011, 08:40 Xirgu
 
PHJF wrote on Jun 12, 2011, 13:49:
Nor between merely annoying advertisers and hackers looking to do financial damage.

Financial damage to whom exactly? Is there any evidence of these hackers (or any of the other big recent hacks) doing any financial damage to the end-user?

Seems to me these nefarious hackers are just attempting to sabotage companies for whatever reason.

well..
"Arstechnica_article"
 
Reply Quote Edit Delete Report
 
57. Re: Epic Hacked Jun 13, 2011, 11:34 Creston
 
It's starting to become an epidemic...

Creston
 
Avatar 15604
 
Reply Quote Edit Delete Report
 
56. Re: Epic Hacked Jun 13, 2011, 01:11 Bhruic
 
Am I the only one that sees the irony at getting mad at hackers for "stealing" your personal info when every company has your gives it to anyone with a checkbook?

It seems like you are mad because hackers got that info without Paying Epic?

By all means, present your proof that Epic has sold my personal information to anyone. I'd love to see it.
 
Reply Quote Edit Delete Report
 
55. Re: Epic Hacked Jun 12, 2011, 18:28 Krovven
 
PHJF wrote on Jun 12, 2011, 13:49:
Is there any evidence of these hackers (or any of the other big recent hacks) doing any financial damage to the end-user?

Every single developer has employees, we are all end users. You are posting on a forum that has many developers from companies in partnership with Sony, Epic, etc. There are people on the other end of each of those Brand Names. Billions of dollars were lost to the global economic system due to the PSN hack.

Nothing is safe. Not in the banks, not in your homes, not in digital form, not on secure servers. If someone wants something bad enough and has the resources behind them to get it done, it will happen. When it's obvious there are many security holes in software, that people work daily to keep up with hackers finding new holes.
Putting such harsh blame on people trying to do their jobs with the tools available to them, is ignorance.

As someone below said, the hacker chose to commit a crime, blame falls on them.

 
Reply Quote Edit Delete Report
 
54. Re: Epic Hacked Jun 12, 2011, 13:49 PHJF
 
Nor between merely annoying advertisers and hackers looking to do financial damage.

Financial damage to whom exactly? Is there any evidence of these hackers (or any of the other big recent hacks) doing any financial damage to the end-user?

Seems to me these nefarious hackers are just attempting to sabotage companies for whatever reason.
 
Avatar 17251
 
Steam + PSN: PHJF
Reply Quote Edit Delete Report
 
53. Re: Epic Hacked Jun 12, 2011, 13:42 Beamer
 
Tumbler, apparently you don't see a difference between aggregated details, email address and passwords.

Nor between merely annoying advertisers and hackers looking to do financial damage.
 
-------------
Music for the discerning:
http://www.deathwishinc.com
http://www.hydrahead.com
http://www.painkillerrecords.com
Reply Quote Edit Delete Report
 
52. Re: Epic Hacked Jun 12, 2011, 13:05 Tumbler
 
Am I the only one that sees the irony at getting mad at hackers for "stealing" your personal info when every company has your gives it to anyone with a checkbook?

It seems like you are mad because hackers got that info without Paying Epic? What do you think happens to that same info when you "like" something on facebook? Or you sign up for a newsletter with some other company?

And why do so many people take offense to seeing Cliffy B? I don't get it, people act like he personally committed a crime against them...and most of his comments are bland to begin with yet ppl get all up in arms like he's attacking them.
 
99gamers.com-Game trading site, PC digital trading!
Kickstarter "Game Developer"!
Reply Quote Edit Delete Report
 
51. Re: Epic Hacked Jun 12, 2011, 12:26 Tony!!!
 
Getting really tired of these LOSER Hackers shitting all over society and thinking it justified. Catch these guys and make them do some hard time.  
-Tony!!!;)
my 360 user name is Robo Pop
Reply Quote Edit Delete Report
 
50. Re: Epic Hacked Jun 12, 2011, 12:12 Slashman
 
Fibrocyte wrote on Jun 12, 2011, 11:48:
To speculate that Epic dropped the ball in this case is moronic.

Note: I'm not saying Epic is innocent or guilty of anything.

How do you reconcile these two statements exactly? You're not saying they are innocent or guilty...but it's moronic to speculate that they dropped the ball(which implies guilt)? Thinking2
 
Reply Quote Edit Delete Report
 
49. Re: Epic Hacked Jun 12, 2011, 11:48 Fibrocyte
 
People need to realize that every line of code written for every piece of software that is in the critical path of a web service has the potential to open up an exploit. The system administrators will regularly patch their services to fix exploits but this will often open up new holes that the hackers will eventually discover.

To think that any website is 100% secure is moronic.
To speculate that Epic dropped the ball in this case is moronic.
The majority of the posts in this thread are moronic.

Note: I'm not saying Epic is innocent or guilty of anything.

 
Reply Quote Edit Delete Report
 
48. Re: Epic Hacked Jun 12, 2011, 11:21 Dmitri_M
 
Teddy wrote on Jun 11, 2011, 22:03:
killer_roach wrote on Jun 11, 2011, 21:00:
yuastnav wrote on Jun 11, 2011, 19:13:
Right, because pretending that a problem doesn't exist makes it go away. That always works like a charm!
Maybe banks shouldn't use vaults and just keep the money in the lobby! Surely people aren't douche bags and won't just, you know, take it. No, that thought is completely preposterous!

If people aren't taking stuff, there's no problem where it's kept. Love the "blame the victim" logic, by the way... I see a future for you in defending rapists.

That you put hackers and rapists in the same category shows a pretty sad sense of logic.

The question here is not one of morality, but one of practicality and personal responsibility. People WILL take stuff. That's the reality of the world, and the reality of humanity. It WILL NOT CHANGE.

Knowing that, then if there is something you don't want others to take, you have the responsibility to secure and defend it. Would you leave your family's life savings in a pile on your front yard and then when it goes missing, would you then tell them it's not your fault? That you're a victim?

This is the same reason that if you leave your car unlocked and it gets stolen, then you get nothing from the insurance company. Because your own personal negligence in terms of security enabled those who stole from you. That is the same thing we're seeing here, minus the involvement of insurance companies.

There is a question of how much more they could have done vs how talented the hackers were, but none of us know the specifics. Either way, in a business that involves people PAID to secure the servers and website, to exonerate them for their failure and place all the blame on the hackers is just stupid and naive.

Both sides are to blame, one more than the other certainly, but there are no helpless 'victims' here for you to raise on a pedestal.

The criminal is always to blame since they make the decision to commit the crime.

These hackers are lowlifes. Regardless of whether some of them post videos online pretending to be "changing the world" from their mom's basements. Go volunteer at a soup kitchen, get outside and realise the world is flawed and will always be.
 
Avatar 22350
 
Reply Quote Edit Delete Report
 
47. Re: Epic Hacked Jun 12, 2011, 10:53 Domgrief
 
I'm fascinated that the views on this are so polarised.

Whoever was responsible for the security of Epic's websites had the sense to encrypt the passwords, to limit the amount of personal data kept at the edge of the network, and to take the appropriate response as soon as an intrusion was detected.

We don't have enough information to know whether this was the result of a lazy network administrator, but it's not hard to believe that the servers could have been compromised even if Epic had taken reasonable measures to keep them secure.
 
Reply Quote Edit Delete Report
 
46. Re: Epic Hacked Jun 12, 2011, 10:04 shuttleswo
 

My view of IT security is naive? You seem to think they actually sit on their computers when at work actively snooping through the network looking for hackers like some security guard patrolling the halls.

The bulk of network security is automated, it is their task to set up and configure that security such that it functions effectively, properly alerts the correct people when something unusual is happening.

teddy, your view if IT security is incredibly naive; as you are assuming network administrators primary job is even network security, most network administrators have to spend the majority of their time doing tech support and general administration; only very large organizations have specialized network administrators that are shielded from that - and even then they have to deal with end users that are extremely lax about security and undermine the effectiveness of any 'automated systems' that do get setup. automated systems are only really effective at blocking 'drive by' automated attacks, but a concerted effort of hacking will blow thru them as if they aren't there.
i NEVER blame the network admins when this happens, i blame the administration for not providing them the resources (e.g. dedicated staff) to prevent it. but i also have a hard time blaming epic in this case as it would be hard for me (if i was an Epic suit) to justify having a full time security staff(er) to protect a gaming forum.

i mean let's follow your logic; if Bluesnews gets hacked next, are you going to blame blue? or furn?

Lets also remember, someone recently hacked EMC's RSA division - if someone can hack someone who's whole ORGANIZATION is dedicated to information security, then blaming Epic's network admin should be seen as completely ridiculous & yes, blaming the victim - the network admin is a triple victim first of the hacker and then of resources & priorities that epic gave them to accomplish the job and lastly of people like you.
 
Reply Quote Edit Delete Report
 
45. Re: Epic Hacked Jun 12, 2011, 09:33 Slashman
 
Cutter wrote on Jun 12, 2011, 02:22:
Alamar wrote on Jun 11, 2011, 20:59:
Of all the shit threads on bluesnews.com, this has to be the one most filled with stupid...

What a sad state some of this community has come.

-Alamar

Well, at least we can write complete sentences.

 
Reply Quote Edit Delete Report
 
44. Re: Epic Hacked Jun 12, 2011, 04:55 yuastnav
 
killer_roach wrote on Jun 11, 2011, 21:00:
yuastnav wrote on Jun 11, 2011, 19:13:
Right, because pretending that a problem doesn't exist makes it go away. That always works like a charm!
Maybe banks shouldn't use vaults and just keep the money in the lobby! Surely people aren't douche bags and won't just, you know, take it. No, that thought is completely preposterous!

If people aren't taking stuff, there's no problem where it's kept. Love the "blame the victim" logic, by the way... I see a future for you in defending rapists.

Hmm, apparently I defend rapists because I dared to imply that companies have to secure the personal information they store about you on their servers. Brilliant deduction, Mr. Holmes. Because we know for a fact that all crimes are equally severe. Someone who commits genocide should be punished just as much as someone who rapes, someone who hacks into computer systems and someone who shovels the earth from your backyard into buckets and sells it on the flea market.
 
Reply Quote Edit Delete Report
 
43. Re: Epic Hacked Jun 12, 2011, 02:22 Cutter
 
Alamar wrote on Jun 11, 2011, 20:59:
Of all the shit threads on bluesnews.com, this has to be the one most filled with stupid...

What a sad state some of this community has come.

-Alamar

Well, at least we can write complete sentences.
 
Avatar 25394
 
"The South will boogie again!" - Disco Stu
Reply Quote Edit Delete Report
 
42. Re: Epic Hacked Jun 12, 2011, 01:03 killer_roach
 
@Teddy:

The worst thing that the administrators did was fail at their jobs. That's a matter to be handled by people at Epic, Codemasters, and Sony respectively.

The worst thing the hackers did was actively compromise computer systems, steal data, and put others at risk. This is a matter to be handled by law enforcement, as such action is a federal crime.

Only one of the two groups are felons in the waiting. For you to continue to blame the administrators without any firm evidence to support this assertion is, clearly, a "blame the victim" mentality, and to argue otherwise is ludicrous.
 
Reply Quote Edit Delete Report
 
41. Re: Epic Hacked Jun 12, 2011, 00:06 DangerDog
 
yuastnav wrote on Jun 11, 2011, 19:13:
DangerDog wrote on Jun 11, 2011, 14:19:
Dear hackers,

Stop being douche bags.

Thanks

The Internet DangerDog

Right, because pretending that a problem doesn't exist makes it go away. That always works like a charm!
Maybe banks shouldn't use vaults and just keep the money in the lobby! Surely people aren't douche bags and won't just, you know, take it. No, that thought is completely preposterous!

because hacking into gaming nerd forums is the apex of internet security issues, I'm sure it'll all get fixed now for sure.
 
Avatar 6174
 
Reply Quote Edit Delete Report
 
40. Re: Epic Hacked Jun 11, 2011, 23:21 Teddy
 
killer_roach wrote on Jun 11, 2011, 22:54:
Teddy wrote on Jun 11, 2011, 22:27:
Do you also defend a police officer who stands aside when a crime is committed? It's not like he's paid to stop criminals, right? Much the same way, say, a company's network security administrator is?

You're assuming a) a network administrator works 24/7 and b) is able to root out any potential hack threat on his own. Either is ludicrous, and show a fatally naive view of information security technology.

To use your analogy, in many hacking cases it'd be like blaming a police officer in Boston for a terrorist attack in San Diego.

My view of IT security is naive? You seem to think they actually sit on their computers when at work actively snooping through the network looking for hackers like some security guard patrolling the halls.

The bulk of network security is automated, it is their task to set up and configure that security such that it functions effectively, properly alerts the correct people when something unusual is happening.

My analogy is about the responsibility of those individuals to stop crimes. You are still attempting to deny that they have any responsibility to do so, despite being paid to do so, on the pathetically naive view that crimes should simply not happen.

Again and again, you completely try to avoid any notion of personal responsibility, conveniently skipping over those sections of the argument. It's pretty sad, really. Either address the topic at hand, or I won't bother responding to your inane nattering about inconsequential issues. THe effectiveness of the analogy is irrelevant, the point was made and you tried desperately to ignore it.

Let me put this in bullet points for you to make it easier to understand.

1) People were paid to ensure the security of that network.
2) Those people failed at their task.
3) You state that those people are not at all responsible for that failure, because someone actively attempted to circumvent the security.

Can you really not see the disconnect in logic here? If no one was ever going to try and get by security, there would be no need for the security at all. It exists because it IS needed, and if it fails, then those who's JOB IT WAS to ensure it succeeded bear responsibility for their failure.

No one is saying the hackers are innocents, but absolving people of the responsibility for which they are paid is just plain stupid.
 
Reply Quote Edit Delete Report
 
59 Replies. 3 pages. Viewing page 1.
< Newer [ 1 2 3 ] Older >


footer

Blue's News logo