Please Read: Hack attempts against our websites and forums

Over the past weekend, a hacker group attempted an unlawful intrusion of our websites to gain access to data. We believe we have taken appropriate action to protect our data against these attacks. While no personal financial information or credit card data was obtained, the hackers may have gained access to some user names, email addresses, and/or passwords. As a precaution, we recommend that all our fans immediately change passwords on all our sites — including our community forumsstatistics site for Brink, and here on the blog.

If your username/email address/password is similar to what you use on other sites, we recommend changing the password at those sites as well. As we don’t know what further plans the hackers may have, we suggest that you keep an eye out for suspicious emails and account activity.

We regret any inconvenience that these attacks on us cause for you. These attacks will be evaluated to determine if there are any additional protections we might take that would be prudent.

Reader Comments

  1. Welcome to the new era of crime. Don’t act so surprised that someone has figured out how to engage in a criminal act using a computer that’s connected to a network full of information pertaining to any one individual’s or entity’s information. Every worthwhile innovation in human history has created new challenges for us the to adapt to….this is one of them.

  2. @gstaff If you would please approve my other blog comment, it may be helpful to this discussion. Currently says “Your comment is awaiting moderation”.

    @Arthmoor: MD5 and SHA1 hashes are extremely easy to crack using a variety of websites and cloud environments that already have access to supercomputers and did the cracking work using rainbowtables.

    Anyone with access to MD5 or SHA1 unsalted hashes can decrypt passwords using brute-force (typically limited to 5, maybe 6 characters at max), dictionary attacks (very easy when using the RockYou, Gawker, or similar lists), or by downloading large sets of rainbow tables (typically hundreds of GBs or several TB in size). Rainbow table attacks can be combined with brute-force (this is often the case) and dictionary methods (less common, but devastating when password re-use occurs).

    There are probably millions of hash cracking resources online, but I’ve found the Hashkiller forums to be a good starting point.

  3. Will the GECK and Construction Set Wikis be back up soon? I really hope so…

    FYI, supposedly LulzSec is only doing it to prove how poor companies’ security is by hacking it themselves, trying to get them to boost it up and do right by their customers. Continuing, they are not using any of the account data illegally. (I have heard this from one person.)

  4. I bet its COD faggots since thats were you can find all the hackers and all they love is COD and hate every other gaming companie

  5. Just fyi.. for the people freaking out:

    After mapping their internal network and thoroughly pillaging all of
    their servers, we grabbed all their source code and database passwords,
    which we proceeded to shift silently back to our storage deck.

    Please find enclosed everything we took, excluding one thing –
    200,000+ Brink users. We actually like this company and would
    like for them to speed up the production of Skyrim, so we’ll
    give them one less thing to worry about. You’re welcome! 😀

    The reason they do this is to show companies that their the user information they store is vulnerable. YOUR information. If these were malicious hackers then your information would be in jeopardy. It isn’t.

  6. Word has it on Steam that there was a short but very significant outage. Related? Who knows. I wouldn’t put it past this little gang of thugs though.

  7. Thanks for the information. Glad the computers with SKYRIM game code etc arent connected to the internet in any shape or form. I hope.

  8. oh for gods sake! took me ages to change all my passwords from the PSN hack!

    some of us do actually have to remember lots of passwords. i cant have 200+ different passwords. secure your shit!

  9. I wonder where these people get the enthusiasm required for screwing over everyone. I wish I could understand why they find this humorous… Perhaps then I could also laugh at their supposed joke.

  10. It’s just embarassing and pathetic. Not for Beth, for those self-proclaimed “Hackers” who first make a big fuzz about it, and in the end, they only manage to steal some login data _for a game forum_ ! And probably only by abusing some security holes of the board software that has been known for ages.

    Sony was a pretty big deal but all the other stuff I have yet heard of are just some lame and bored internet users that will obviously never get laid trying to get public attention…

  11. nevermind seems the forum is online
    if only they would leave us gamers alone
    but no they have to try to involve us in their little scam by stealing our data
    maybe think about getting better security cuz we live in these modern times

  12. Found the torrent rather quickly, and it says this in the comments:

    “Please find enclosed everything we took, excluding one thing –
    200,000+ Brink users. We actually like this company and would
    like for them to speed up the production of Skyrim, so we’ll
    give them one less thing to worry about. You’re welcome! :D”

    So while they do have it, it’s clear by both this comment and the size of the torrent (~15MB), they’ve not released it.

  13. You are not the only ones guys, the forum I help to administrate has had sustained attacks over the last week or so – tis the season apparently. 🙁

  14. Lulz needs to take the largest iron rod they can find and shove it up their arse.Bethesda is not going to release the game early just because a bunch of spoiled immature teenagers hacked their forums.

  15. I don’t understand why LulzSec has to hack Bethesda. I mean, this is not a kind of joke or to show their “skillz”. To steal personal datas makes them only to criminals.

  16. All I can say is. I’m pretty sure that bethsoft is gonna put a lulz easter egg in skyrim.
    An assassination perhaps? Or a humorous trap?

    I wouldn’t be surprised, it would actually be pretty funny. Anyone?

  17. I’m not saying the hackers are in the right but a lot of you don’t realize how impossible it is to actually have a completely “hack-proof” website or server. These hackers are smart and almost untraceable there are loop holes in any system and they are just finding them, most likely for fun.
    And I don’t think anonymous had anything to do with it they usually front up about their actions.

  18. Don’t you think you have a responsibility to inform people? Finding this out from a third party website isn’t acceptable! 🙁

  19. I don’t know why everybody is saying hackers won’t get laid. Haven’t you seen the movie? They’re all young, trendy dressed, sexy people.

    But on a serious note, thanks for letting us know guys. I didn’t even know Square-Enix was hacked.

  20. Any word on when the Bethesda Softworks Forums will be back up? I visit them many times each day and am going through withdrawals.

  21. I keep getting “no input file specified” error whenever I click on the link after Googling it or use my bookmark for the site. I’m trying to use the same old address I’ve always used, but it won’t let me since the hacking.

  22. Dang, someone from Missouri just tried to hack into my account… I’m glad my passwords aren’t the same across all accounts… but I have no doubt the hacker got my email address from this hack attack from Bethesda. Sadness.

  23. The passwords SHOULD have been encrypted, but anyway hacks can be prevented if access also requires a master computer, as well as passcodes. They could also use a digital security signature.

  24. hahaha oh well next time then
    u tried at least
    just try being more careful im scared
    not to much though cuz im a winner
    aw to bad he banned me
    that sucks

  25. Hackers are just trying to proof that they are pro, but what does that show? It shows that they have no life and just tryes to get in trouble. what if the site what they hack would have (if its possible) an Tracker what would track the hacker, even if he would have all sort of defensive programs. they just only push their luck.

    Hackers and Trolls should stop using internet…

  26. I wonder that will they strike what next… Steam? Bioware? Blizzard? Sega?
    if possible, i hope that they wont hack in any of those. because those are my fav game makers.

  27. everyone keeps saying they’re hacking for fun, what is fun about it? spending days on a computer just to end up with someones forum password?

    maybe twitter should delete this cretins accounts.

  28. @ This is to far: The “Professionals” are the problem. Most of them do a half-@$$ job so they have to come back.
    @Akira I personally suspect Nintendo, they should’ve been the next target after Sony.
    @ Jon What about the hackers helping NATO in Egypt and Libya?
    @ JMan Anon cannot be blamed for everything, man. They do some pretty noble stuff for hackers. Like the Habbo Raids, and the new security on WikiLeaks

  29. Ok, I didn’t think I had an account here or at Bethesda, but I did and I’ve been hacked.

    My email account was being used to send out a trojan. Can somebody tell me what to do? Is there somewhere I can find out what to do online?

  30. LulzSec is, more or less, a white hat hacker group. Most of the hackings (if not all of them) weren’t malicious. It’s more of a “let’s do this because we can.” Which is why they posted how they hacked into the servers. A white hat hacker group will hack so they can show flaws in security. Does Anonymous do this? Nope, all they do is DDoS attack websites. ps DDoS attacks are malicious.

    If you’re a Brink user, please tell me if you have had your account compromised in any way. I’m going to guess that you haven’t.