security breach
Latest
AT&T breach reveals 114,000 iPad owners' email addresses, including some elite customers
Uh oh. According to Valleywag, an AT&T security breach led to the exposure of 114,000 email addresses (and associated SIM / ICC identifiers) belonging to Apple iPad owners. A group of hackers calling themselves Goatse Security (be careful looking that one up) figured out a number of ICC-IDs and ran a script on AT&T's site through a faked iPad UserAgent, which would then return the associated addresses. Some of those affected were actually quite big names, including the CEOs of The New York Times and Time Inc., some higher-ups at Google and Microsoft, and even a number of employees from NASA, FAA, FCC, and the US military. For its part, AT&T tells AllThingsD that it was informed of the issue on Monday, that only the addresses and associated ICC-IDs were revealed, and that by Tuesday the "feature" that allowed addresses to be seen had been turned off. And as Security Watch's Larry Seltzer cautions in a statement to PC Mag, the impact of this breach -- just email addresses -- is probably somewhat exaggerated. Still, regardless of the magnitude, this can't be making AT&T's day at all bright, and you best believe a number of folks in Cupertino have fire in their eyes over this bad press. [Thanks to everyone who sent this in]
City of Heroes offers a reminder on account security
NCsoft hasn't been having an easy start to the year, at least not in the eyes of security-minded players. The entire Guild Wars security question recently came to a head with suspicions and accusations that the flaw was something wrong with NCsoft's account management, a black eye if ever there was one. Of course, that raises questions about not just Guild Wars, but any game under the company's aegis, which includes City of Heroes. So it should come as little surprise that a reminder about account security has recently been posted on the official site. The reminder itself is fairly standard boilerplate, reminding everyone to avoid giving out their account information to any other players, only log in from secure locations, and so forth. It also addresses the issue at hand in a roundabout fashion, mentioning that they found no malicious workarounds after investigating "current claims." However, the very next line mentions that they have added more robust logging and security procedures, which can lead to the obvious conspiracy theories. With fewer items to be traded than many other games, City of Heroes has a smidge more built-in security -- but a little extra reminder and caution never hurts.
Potential smoking gun found for Guild Wars security issues
It started as a surprise. Guild Wars players reported suddenly finding themselves hacked, their accounts cleaned out, no indication of what could have caused the problem. NCsoft and ArenaNet offered suggestions, security safeguards, new measures being taken, hints that the problem lay in a popular third-party website with an undisclosed name. But with the recent rash of problems that Aion players have been having regarding security, new facts have begun coming to light, and they paint a picture that isn't pretty. Specifically, some players seem to be finding that it doesn't take any skill to wind up hacking someone's account accidentally. And all it takes is a few log-in attempts to find yourself with access to someone's account name, password, and billing information for all of a player's NCsoft games.
Major Nelson: No Xbox Live security breach
Major Nelson has issued a statement dismissing recent reports that there has been a collapse in security with Xbox Live and Bungie.net. Nelson says, "Despite some recent reports and speculation, I want to reassure all of our 6 million Xbox Live members that we have looked into the situation and found no evidence of any compromise of the security of the Xbox Live Network or Bungie.net."Nelson goes on to say that there have been "isolated incidents" where users are trying to gain personal information. Microsoft is offering a PDF on how to protect yourself against identity theft. Seriously though, it's the internets, there are predators out there trying to steal your identity. Don't ever give someone your passwords or personal info.
