Security threats Toolkit

Hackers raid games firm

Tags:
Data Theft,
Password

Greg Sandoval CNET News

Published: 20 Dec 2005 10:00 GMT

A maker of popular role-playing games was forced to shut down its online store for four days after hackers pilfered email addresses, user names and encrypted passwords.

White Wolf Publishing, creator of video and table-top games such as "World of Darkness" and "Vampire: The Requiem", received a message from an "international group of hackers" on 11 December saying they had penetrated the company's online security defense, said company spokeswoman Kelley Herman.

The hackers threatened to post user data on the Web unless the company paid them a sum of money. White Wolf has not publicly disclosed the amount of that sum.

But the Atlanta-based company refused to pay, and the hackers responded this week by emailing individual White Wolf customers to tell them they can buy the stolen information for $10.

Herman declined to say how many customers might have been affected.

"We notified our clients immediately and advised them to change their passwords," Herman said. Over time, there is a chance the encryption on the passwords could be broken. This posed a risk to customers who use the same passwords for online banking and shopping.

The theft is the latest example of the difficulty that small online stores or Web companies have in fending off attacks by technologically sophisticated criminals. Last week, hackers snatched the personal details of thousands of donors to a Christian charity Web site in the UK and tried to extort money from donors.

Herman said the hackers exploited a software flaw to get past the site's security. White Wolf's online store was down for four days while the company tried to fix the flaw. As far as White Wolf can tell, however, the hackers did not manage to steal any credit card information. The FBI is investigating the break-in, Herman said.

The FBI office in Atlanta has not responded to requests for comment on this story.