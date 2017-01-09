Gamasutra: The Art & Business of Making Gamesspacer
SEARCH
GO
GAME JOBS
updates Blogs contractors newsletter store
SEARCH
GO

arrow
PROGRAMMING
spacer
ART
spacer
AUDIO
arrow
DESIGN
arrow
PRODUCTION
arrow
BIZ/MARKETING

arrowLatest Jobs
View All     RSS
January 9, 2017
arrowLatest Blogs
View All     Post     RSS
January 9, 2017
arrowPress Releases
January 9, 2017
Games Press
View All     RSS
arrowAbout
Contact Gamasutra
Report a Problem
Submit News
Comment Guidelines
Blogging Guidelines
How We Work
Sponsor
arrowGama Network
If you enjoy reading this site, you might also want to check out these UBM Tech sites:
Game Career Guide
Indie Games

1.5M accounts exposed after eSports org balks at hacker's ransom demand
1.5M accounts exposed after eSports org balks at hacker's ransom demand
January 9, 2017 | By Alex Wawro
January 9, 2017 | By Alex Wawro
Comments
    Post A Comment
More: Social/Online, Business/Marketing

The eSports Entertainment Association (ESEA) confirmed today that an unidentified malefactor breached ESEA servers last year, then published a trove of ESEA user data online this month after their attempts to ransom the data were rebuffed.

This is significant because of the size of the breach: ESEA is one of the largest Counter-Strike communities in the world, and a representative of ESL (Electronic Sports League, the parent company of ESEA since 2015) told CSO today that roughly 1.5 million accounts had been exposed by the afore-mentioned data leak. 

(It's also something you should know about if you happen to have ever created an ESEA account!)

Devs who oversee their own vaults of player data may be curious to read ESEA's timeline of how the whole thing played out: it all started when a "threat actor" reportedly contacted the company in late December asking for a bounty of $100,000, or else they would publish a parcel of info that encompassed both player data and ESEA tech data.

The company says it responded by working to improve its security systems and alerted both its users and the authorities, but chose not to pay the bounty because "We do not give into extortion and ransom demands."  After a series of escalating demands, the bounty-hungry hacker(s) went public.

ESEA claims it does not store payment info on its servers and thus credit card data acould not be compromised, but "usernames, emails, private messages, IPs, mobile phone numbers (for SMS messages), forum posts, hashed passwords, and hashed secret question answers" may have been leaked. However, it claims all passwords were encrypted via bcrypt hashing.

Related Jobs

Bandai Namco Entertainment America
Bandai Namco Entertainment America — Santa Clara, California, United States
[01.09.17]
Senior Mobile Product Manager
NEXON M
NEXON M — Emeryville, California, United States
[01.09.17]
Sr. Software Engineer, Big Data
Tesla Motors, Inc.
Tesla Motors, Inc. — Los Angeles, California, United States
[01.09.17]
Developer, Digital Design Technologies
Lionbridge Technologies
Lionbridge Technologies — Bellevue, Washington, United States
[01.09.17]
Native Language Video Game Localization Tester-3471


[View All Jobs]


Top Stories

Rethinking the player avatar in VR
Bethesda PR VP: Design games to be unique rather than crowdpleasers
2017 Independent Games Festival announces Main Competition finalists!
Tim Sweeney: Closed VR platforms are 'sending the wrong message'


[Next News Story]    [View All]


Loading Comments
loader image