Latest in Gaming

Image credit:

'Witcher' developer forum hack exposed 1.8 million gamers

It happened in 2016, but many users are just finding out about it now.
347 Shares
Share
Tweet
Share

Sponsored Links

If you're a big enough The Witcher fan to have joined CD Projekt Red's official forums, you may be in for an unpleasant surprise. Members signed up to Have I Been Pwned have received emails warning them of a reported hack in March 2016 that compromised over 1.8 million forum accounts. Passwords were encrypted, thankfully, but you're encouraged to change your login just in case. The issue isn't so much the actual threat as the lack of notifications -- for many, this is the first sign that something went horribly wrong.

As it turns out, the game developer posted about the breach on its forums in mid-December. It touched on many of the details back then, including the encrypted passwords and that it's a "now-obsolete" database. However, the info stayed tucked away in the company's official The Witcher news sub-forum, where not many people are likely to go (let alone pay attention to security issues). Even a follow-up complaint on January 31st of this year got moved to a technical support forum where it's unlikely to be seen. Users are wondering: why didn't CD Projekt Red email everyone, even if didn't think the breach was serious?

We've asked the company for comment and will let you know if it has something to add. With that said, it's clear that there's some room for improvement. Forum hacks certainly aren't unheard of, but it shouldn't take several months to put up a forum post, let alone 10 months for most users to find out. If the passwords hadn't been secure, the damage could have been extensive.

All products recommended by Engadget are selected by our editorial team, independent of our parent company. Some of our stories include affiliate links. If you buy something through one of these links, we may earn an affiliate commission.
Comment
Comments
Share
347 Shares
Share
Tweet
Share

Popular on Engadget

Netflix's 'Cowboy Bebop' production pauses after John Cho is injured on-set

Netflix's 'Cowboy Bebop' production pauses after John Cho is injured on-set

View
Nike puts an accessibility twist on its iconic Air Jordan 1

Nike puts an accessibility twist on its iconic Air Jordan 1

View
Alphabet’s Wing starts drone deliveries to US homes

Alphabet’s Wing starts drone deliveries to US homes

View
Boeing messages hint staff may have misled FAA about 737 Max

Boeing messages hint staff may have misled FAA about 737 Max

View
Judge refuses to block the release of ‘The Laundromat’ on Netflix

Judge refuses to block the release of ‘The Laundromat’ on Netflix

View

From around the web

Page 1Page 1ear iconeye iconFill 23text filevr