Everything, Everything

2024: January February March
2023: J F M A M J J A S O N D
2022: J F M A M J J A S O N D
2021: J F M A M J J A S O N D
2020: J F M A M J J A S O N D
2019: J F M A M J J A S O N D
2018: J F M A M J J A S O N D
2017: J F M A M J J A S O N D
2016: J F M A M J J A S O N D
2015: J F M A M J J A S O N D
2014: J F M A M J J A S O N D
2013: J F M A M J J A S O N D
2012: J F M A M J J A S O N D
2011: J F M A M J J A S O N D
2010: J F M A M J J A S O N D
2009: J F M A M J J A S O N D
2008: J F M A M J J A S O N D
2007: J F M A M J J A S O N D
2006: J F M A M J J A S O N D
2005: J F M A M J J A S O N D
2004: J F M A M J J A S O N D
Cryptic Compromise
Thursday 26th April, 2012 16:33 Comments: 0
It's been reported on The Register, but sadly I found out about credentials (user account names, handles, and encrypted passwords) for Star Trek Online being compromised before then as I had already received an email from Cryptic (yes, it is genuine, despite the very poor English in the first sentence):

Cryptic Compromise

There are more details here.

It's frustrating that they only recently identified the breach (I suspect the compromise occurred when STO launched, at the end of January 2010, with password cracking identifying most credentials almost immediately and stronger passwords taking until February 2010). It's good advice to change passwords if you've used the same one on other services, but I can't help think that over two years later the damage has probably already been done. I suspect a large number of compromised users also played World of Warcraft, and if they used the same credentials then they may have already seen their WoW accounts compromised, with miscreants stealing their gold (virtual currency) and expensive items.

I gave up on Star Trek Online pretty early for a number of reasons (in general, it seemed pretty crap), I just wish I'd waited until it was free (at least I wasn't foolish enough to pay for a lifetime subscription) and until after the security issue had been fixed.

What are the odds that it was a SQL injection issue? I'm assuming that the statement "it is apparent that the intruder has been able to crack some portion of the passwords in this database" means that they didn't salt their password hashes (or the salt was easy to identify - perhaps the attacker registered their own account with a weak password - and the cracked passwords were also trivial).
© Robert Nicholls 2002-2024
The views and opinions expressed on this site do not represent the views of my employer.
HTML5 / CSS3