Gamasutra is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them. Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Gamasutra: The Art & Business of Making Gamesspacer
View All     RSS
May 21, 2019
arrowPress Releases

If you enjoy reading this site, you might also want to check out these UBM Tech sites:

1.5M accounts exposed after eSports org balks at hacker's ransom demand

1.5M accounts exposed after eSports org balks at hacker's ransom demand

January 9, 2017 | By Alex Wawro

The eSports Entertainment Association (ESEA) confirmed today that an unidentified malefactor breached ESEA servers last year, then published a trove of ESEA user data online this month after their attempts to ransom the data were rebuffed.

This is significant because of the size of the breach: ESEA is one of the largest Counter-Strike communities in the world, and a representative of ESL (Electronic Sports League, the parent company of ESEA since 2015) told CSO today that roughly 1.5 million accounts had been exposed by the afore-mentioned data leak. 

(It's also something you should know about if you happen to have ever created an ESEA account!)

Devs who oversee their own vaults of player data may be curious to read ESEA's timeline of how the whole thing played out: it all started when a "threat actor" reportedly contacted the company in late December asking for a bounty of $100,000, or else they would publish a parcel of info that encompassed both player data and ESEA tech data.

The company says it responded by working to improve its security systems and alerted both its users and the authorities, but chose not to pay the bounty because "We do not give into extortion and ransom demands."  After a series of escalating demands, the bounty-hungry hacker(s) went public.

ESEA claims it does not store payment info on its servers and thus credit card data acould not be compromised, but "usernames, emails, private messages, IPs, mobile phone numbers (for SMS messages), forum posts, hashed passwords, and hashed secret question answers" may have been leaked. However, it claims all passwords were encrypted via bcrypt hashing.

Related Jobs

Infinity Ward / Activision
Infinity Ward / Activision — Woodland Hills, California, United States

UI Engineer (Temporary)
FoxNext Games
FoxNext Games — San Jose , California, United States

Senior Character Artist
Square Enix Co., Ltd.
Square Enix Co., Ltd. — Tokyo, Japan

Experienced Game Developer
Deep Silver Volition
Deep Silver Volition — Champaign, Illinois, United States

Technical Artist - Cinematics

Loading Comments

loader image