Gamasutra: The Art & Business of Making Gamesspacer
View All     RSS
November 13, 2018
arrowPress Releases
  • Editor-In-Chief:
    Kris Graft
  • Editor:
    Alex Wawro
  • Contributors:
    Chris Kerr
    Alissa McAloon
    Emma Kidwell
    Bryant Francis
    Katherine Cross
  • Advertising:
    Libby Kruse

If you enjoy reading this site, you might also want to check out these UBM Tech sites:

1.5M accounts exposed after eSports org balks at hacker's ransom demand

1.5M accounts exposed after eSports org balks at hacker's ransom demand

January 9, 2017 | By Alex Wawro

The eSports Entertainment Association (ESEA) confirmed today that an unidentified malefactor breached ESEA servers last year, then published a trove of ESEA user data online this month after their attempts to ransom the data were rebuffed.

This is significant because of the size of the breach: ESEA is one of the largest Counter-Strike communities in the world, and a representative of ESL (Electronic Sports League, the parent company of ESEA since 2015) told CSO today that roughly 1.5 million accounts had been exposed by the afore-mentioned data leak. 

(It's also something you should know about if you happen to have ever created an ESEA account!)

Devs who oversee their own vaults of player data may be curious to read ESEA's timeline of how the whole thing played out: it all started when a "threat actor" reportedly contacted the company in late December asking for a bounty of $100,000, or else they would publish a parcel of info that encompassed both player data and ESEA tech data.

The company says it responded by working to improve its security systems and alerted both its users and the authorities, but chose not to pay the bounty because "We do not give into extortion and ransom demands."  After a series of escalating demands, the bounty-hungry hacker(s) went public.

ESEA claims it does not store payment info on its servers and thus credit card data acould not be compromised, but "usernames, emails, private messages, IPs, mobile phone numbers (for SMS messages), forum posts, hashed passwords, and hashed secret question answers" may have been leaked. However, it claims all passwords were encrypted via bcrypt hashing.

Related Jobs

Digital Extremes
Digital Extremes — London, Ontario, Canada

Multimedia Designer
Playful Corp
Playful Corp — McKinney, Texas, United States

UI Designer
Insomniac Games
Insomniac Games — Burbank, California, United States

Senior Environment Technical Artist
Playful Corp
Playful Corp — McKinney, Texas, United States

FX Artist

Loading Comments

loader image