World of Tanks Suffers Security Breach

 Pages 1 2 NEXT
 

World of Tanks Suffers Security Breach

image

Wargaming has revealed that a recent security incident may have compromised player's information.

Tanks are built to be impervious to a lot of things. Gunfire, chemical attacks, zombies; there's generally not much a tank can't protect you from. That said, it seems even metal behemoths with gigantic guns aren't safe from the internet. Wargaming, the makers of World of Tanks, confirmed yesterday that the game had suffered a security incident that may have allowed outside parties access to player information. Though no financial information was included in the breach, account holders are still being urged to update their profiles with new passwords to help prevent any further problems. To help motivate players to reset their passwords and do it quickly, Wargaming is hosting a "Change Your Password Event."

"In order to improve security and maintain account integrity for all of our players, Wargaming is supplying a one-time installment of 300 gold to each player that successfully updates their account password," said Wargaming in an announcement. "While we do support the regular updating of your account password, your account is only eligible for one payment."

While this incident looks to be nowhere near as disastrous other infamous cases of gaming related hacking, it's still fairly notable. World of Tanks has one of the largest player bases in the entire world, ending 2012 with more than 45 million registered players. Any way you swing it, that's a lot of compromised information and fans would do well to heed the company's call and reset their passwords swiftly and soon. After all, even if nothing financial was revealed, you still don't want someone rooting around in your things, especially when a tank, virtual or not, happens to be one of them.

Source: Eurogamer

Permalink

If they were really concerned, they'd mass-reset all passwords.

TBH I'm Surprised they lasted so long

evilneko:
If they were really concerned, they'd mass-reset all passwords.

Can they do that?

DVS BSTrD:
TBH I'm Surprised they lasted so long

evilneko:
If they were really concerned, they'd mass-reset all passwords.

Can they do that?

Yup. It wouldn't be hard or take very long, either.

evilneko:

DVS BSTrD:
TBH I'm Surprised they lasted so long

evilneko:
If they were really concerned, they'd mass-reset all passwords.

Can they do that?

Yup. It wouldn't be hard or take very long, either.

But then wouldn't there be a chance of the hacker receiving the notification anyway?

DVS BSTrD:
But then wouldn't there be a chance of the hacker receiving the notification anyway?

Yes, some chance. It's unavoidable due to people foolishly using the same password for their email accounts as other accounts. Of course, the hackers would have to make an effort to go and try to log into those email accounts, which they would if their goal was to steal WoT accounts. If the goal was something else or they're just lazy, they probably wouldn't bother.

Also they'd have to crack the passwords first. They got hashes, not actual passwords. Depending on the strength of the password and the strength of the hashing, this could take a very long time or a very very short time. And we all know how shit people are at using strong passwords...

300 gold just for changing passwords?? That almost makes me want to start playing WoT again. Almost.

Although I guess they basically NEED to bribe players to change their passwords given how much bullshit WoTs password requirements are.

DVS BSTrD:
TBH I'm Surprised they lasted so long

evilneko:
If they were really concerned, they'd mass-reset all passwords.

Can they do that?

Why so? They have no real competition on the market and the game is quite good in some areas (avoiding P2W, good graphics and a lot of conetent, even when not in all the right areas...). In fact, it is one of the games with the biggest amount of actual players playing :P

Charcharo:

DVS BSTrD:
TBH I'm Surprised they lasted so long

evilneko:
If they were really concerned, they'd mass-reset all passwords.

Can they do that?

Why so? They have no real competition on the market and the game is quite good in some areas (avoiding P2W, good graphics and a lot of conetent, even when not in all the right areas...). In fact, it is one of the games with the biggest amount of actual players playing :P

You just listed all the reasons.
I guess I wasn't clear enough: I'm surprised they lasted this long without being hacked

DVS BSTrD:

Charcharo:

DVS BSTrD:
TBH I'm Surprised they lasted so longCan they do that?

Why so? They have no real competition on the market and the game is quite good in some areas (avoiding P2W, good graphics and a lot of conetent, even when not in all the right areas...). In fact, it is one of the games with the biggest amount of actual players playing :P

You just listed all the reasons.
I guess I wasn't clear enough: I'm surprised they lasted this long without being hacked

OHH! Sorry :P. Misunderstanding on my part. Really am Sorry!

StewShearer:
To help motivate players to reset their passwords and do it quickly, Wargaming is hosting a "Change Your Password Event."

"In order to improve security and maintain account integrity for all of our players, Wargaming is supplying a one-time installment of 300 gold to each player that successfully updates their account password," said Wargaming in an announcement. "While we do support the regular updating of your account password, your account is only eligible for one payment."

Other developers and publishers should take notice of this. This is how you spin a massive hacking incident into positive PR for your game. Take notes, there will be be a quiz and....

Damnit, Sony, stop sitting in the back of the class and drooling all over your desk! You especially should be paying attention.

CriticKitten:

StewShearer:
To help motivate players to reset their passwords and do it quickly, Wargaming is hosting a "Change Your Password Event."

"In order to improve security and maintain account integrity for all of our players, Wargaming is supplying a one-time installment of 300 gold to each player that successfully updates their account password," said Wargaming in an announcement. "While we do support the regular updating of your account password, your account is only eligible for one payment."

Other developers and publishers should take notice of this. This is how you spin a massive hacking incident into positive PR for your game. Take notes, there will be be a quiz and....

Damnit, Sony, stop sitting in the back of the class and drooling all over your desk! You especially should be paying attention.

I agree with this, changed my password and got 300 gold, it's a very nice sort of apology for the inconvenience. Remember other companies, verbal apologies are alright but in game goodies are even better.

im not complaining. the 300 gold shortened the time to get the accurate 100mm gun on my t-44 tank by a few days :)

Wow, I just signed up for this a couple of days ago.

Shows what kind of sucker I am.

They suffer a security breach and instead of simply telling their playerbase to change their password (a thing that has never motivated me to do so in the past) decides to reward players that change it with pay-for currency in game. I actually took that opportunity without even knowing about the security breach. This is how you control the public, you give them shinys.

Captcha: lost love. No, captcha, this is love found.

CriticKitten:

StewShearer:
To help motivate players to reset their passwords and do it quickly, Wargaming is hosting a "Change Your Password Event."

"In order to improve security and maintain account integrity for all of our players, Wargaming is supplying a one-time installment of 300 gold to each player that successfully updates their account password," said Wargaming in an announcement. "While we do support the regular updating of your account password, your account is only eligible for one payment."

Other developers and publishers should take notice of this. This is how you spin a massive hacking incident into positive PR for your game. Take notes, there will be be a quiz and....

Damnit, Sony, stop sitting in the back of the class and drooling all over your desk! You especially should be paying attention.

You mean the Sony that gave people free games and free ps+ for compensation?

Korten12:
You mean the Sony that gave people free games and free ps+ for compensation?

I'm just going to leave this here:

evilneko:
If they were really concerned, they'd mass-reset all passwords.

Some customers may not like being forced to reset their passwords, and may be willing to take the risk of not changing it.

I have never played WoT, but this seems like a smart move and it seems like a fast response from them. Kudos to the developers.

linkmastr001:

Korten12:
You mean the Sony that gave people free games and free ps+ for compensation?

I'm just going to leave this here:

I agree with the video up till near the end, that is where it just gets nit picky. Saying "Isn't this supposed to be free?" makes no sense. PSN didn't suddenly become a paid service, PS+ was a paid service and so giving them access to it for a month is pretty good considering they get even more games to play (albiet until the service ends.)

On the topic of the games, InFamous 2 had literally just came out, they wouldn't give that out for free and cut profits. On for LBP2, the game had also jut come out earlier the same year. So giving them the newest games and cut profits wouldn't make sense.

Sure it would be great if they could cut profits and not much happen but it's unreasonable to think that they would. More so considering how much money they lost over the whole ordeal.

I am not saying Sony's PR was good during the whole thing, but to say that the compenstation wasn't very good is just bullshit.

Korten12:

linkmastr001:

Korten12:
You mean the Sony that gave people free games and free ps+ for compensation?

I'm just going to leave this here:

I agree with the video up till near the end, that is where it just gets nit picky. Saying "Isn't this supposed to be free?" makes no sense. PSN didn't suddenly become a paid service, PS+ was a paid service and so giving them access to it for a month is pretty good considering they get even more games to play (albiet until the service ends.)

On the topic of the games, InFamous 2 had literally just came out, they wouldn't give that out for free and cut profits. On for LBP2, the game had also jut come out earlier the same year. So giving them the newest games and cut profits wouldn't make sense.

Sure it would be great if they could cut profits and not much happen but it's unreasonable to think that they would. More so considering how much money they lost over the whole ordeal.

I am not saying Sony's PR was good during the whole thing, but to say that the compenstation wasn't very good is just bullshit.

The main point I was trying to make is that the whole thing felt like an "up-sale," where Sony was offering services/products in the hopes that you'd like them and by more similar services/products. To be fair "Saying "Isn't this supposed to be free?" makes no sense" is a fair point, but a free trial of something is supposed to get you to like the service and encourage you to use it. At the time I would have argues that they are offering this free trial as compensation which they would have probably already going to have at some point, or with discount promos (I know XBOX live occasionally did 1$ for a month promos), but I couldn't find any evidence on that, so I suppose I'm less annoyed with the free trial now then I originally was.

The biggest thing that annoyed me was the games they offered, I agree offering brand new games, such as Infamous 2, would have been weird, but only limiting the games to a handful of really popular games that have sequels feels like they want to get you addicted to a game series so you'd buy the sequels. Also, what about the customers who have already owned/played all the games they offered, they'd get nothing out of it. It seems to me that instead of offering a selection of $20 games for free, allowing users to get $25 of PSN credit or $20 cash back would have been the better move.

Anyways, I think I might have gotten us a bit off topic, if you wish to continue this, let's PM.

That game, I understand makes over 50million dollars US per month. Russian owners. Almost as much as WoW.

Charcharo:

DVS BSTrD:
TBH I'm Surprised they lasted so long

evilneko:
If they were really concerned, they'd mass-reset all passwords.

Can they do that?

Why so? They have no real competition on the market and the game is quite good in some areas (avoiding P2W, good graphics and a lot of conetent, even when not in all the right areas...). In fact, it is one of the games with the biggest amount of actual players playing :P

Gold ammo?

OT: Interesting idea of rewarding password resets, this is something i'd definitely like to see more often.

Devoneaux:

Charcharo:

DVS BSTrD:
TBH I'm Surprised they lasted so longCan they do that?

Why so? They have no real competition on the market and the game is quite good in some areas (avoiding P2W, good graphics and a lot of conetent, even when not in all the right areas...). In fact, it is one of the games with the biggest amount of actual players playing :P

Gold ammo?

OT: Interesting idea of rewarding password resets, this is something i'd definitely like to see more often.

Premium ammo can be bought for credits. Besides, it was so expensive in real world money/clan resources before the change that it was impossible to use lightly in a random battle.

Devoneaux:

Gold ammo?

Nope, you can get those with the ingame credits now, been like that for several months. You, however, forgot about how they sell tanks. Some of them are OP, some of them are trash, and almost every time it's hilarious to watch a noob show up in their shiny high tiered tank, just to get rolled because they don't know how the game works.

JaceArveduin:

Devoneaux:

Gold ammo?

Nope, you can get those with the ingame credits now, been like that for several months. You, however, forgot about how they sell tanks. Some of them are OP, some of them are trash, and almost every time it's hilarious to watch a noob show up in their shiny high tiered tank, just to get rolled because they don't know how the game works.

Again false :P . These tanks are not OP. They are always worse than a same tiered normal tank, only exception being the Type 59, which is almost equal to a same tier tank.

Charcharo:

JaceArveduin:

Devoneaux:

Gold ammo?

Nope, you can get those with the ingame credits now, been like that for several months. You, however, forgot about how they sell tanks. Some of them are OP, some of them are trash, and almost every time it's hilarious to watch a noob show up in their shiny high tiered tank, just to get rolled because they don't know how the game works.

Again false :P . These tanks are not OP. They are always worse than a same tiered normal tank, only exception being the Type 59, which is almost equal to a same tier tank.

Depends on which tank. Unless I'm mistaken, the T59 has some of the most ridiculous armor in the game for it's type (lots of slopin, iirc) Then there's the T127, say what you want, but with it's MM spread, that thing's a monster in the hands of anyone that knows to put the front end towards the enemy.

Can't remember exactly how the Lowe Matches up, I tend to stay in the lower ranks, but I know the Churchie's part of a rock paper scissors with the KV1 and that one US heavy. Let's see... the t2 US light tank thing is pretty beastly for it's rank... Now that I think about it, the higher tiered the tank, the crappier it is compared to a fully equipped normal tank xD

A free 300 gold for something I needed to do anyway? Yes, please.

JaceArveduin:

Charcharo:

JaceArveduin:

Nope, you can get those with the ingame credits now, been like that for several months. You, however, forgot about how they sell tanks. Some of them are OP, some of them are trash, and almost every time it's hilarious to watch a noob show up in their shiny high tiered tank, just to get rolled because they don't know how the game works.

Again false :P . These tanks are not OP. They are always worse than a same tiered normal tank, only exception being the Type 59, which is almost equal to a same tier tank.

Depends on which tank. Unless I'm mistaken, the T59 has some of the most ridiculous armor in the game for it's type (lots of slopin, iirc) Then there's the T127, say what you want, but with it's MM spread, that thing's a monster in the hands of anyone that knows to put the front end towards the enemy.

Can't remember exactly how the Lowe Matches up, I tend to stay in the lower ranks, but I know the Churchie's part of a rock paper scissors with the KV1 and that one US heavy. Let's see... the t2 US light tank thing is pretty beastly for it's rank... Now that I think about it, the higher tiered the tank, the crappier it is compared to a fully equipped normal tank xD

The Type 59 is not that armoured. It has 100mm of armour at 60 degrees which is pretty much 180mm at tier 8. Good for a medium tank, but penetrable, especially if we take into account the overmatching rules that happen at 200+ penetration. 203, 225 and 248 penetration guns on the Panther 2, Tiger 2/IS-3/KV-4 and T34 respectively will tear it down fast. Super Pershing has a lot more armour for its tier. Still, the Type 59 is unique in that it is quite good for a premium tank, almost as much as a normal tier 8 med.
As for the Lowe, well it is not a bad tank, just not even close to a King TIger or the VK 4502A
Now the Churchill 3 Lend-Lease for the USSR is a good tank, but honestly, upgraded tier 5 heavies will be noticabley better. It playes rock-paper scissors with the T14 though.
As for those low tier tanks... well I do not know for the T0127, i really do not. However, Tetrarch, 38H and T2 light tank have higher matchmaker spread than the normal tanks.

CriticKitten:

StewShearer:
To help motivate players to reset their passwords and do it quickly, Wargaming is hosting a "Change Your Password Event."

"In order to improve security and maintain account integrity for all of our players, Wargaming is supplying a one-time installment of 300 gold to each player that successfully updates their account password," said Wargaming in an announcement. "While we do support the regular updating of your account password, your account is only eligible for one payment."

Other developers and publishers should take notice of this. This is how you spin a massive hacking incident into positive PR for your game. Take notes, there will be be a quiz and....

Damnit, Sony, stop sitting in the back of the class and drooling all over your desk! You especially should be paying attention.

The two $30 games (at the time) sitting on my PS3 drive tell me that they already passed the test.

I don't recall Microsoft giving anything away when they were hacked. Or Steam for that matter. Yet I recall Origin giving a couple games away when THEY were hacked.

Just saying.

NameIsRobertPaulson:

CriticKitten:

StewShearer:
To help motivate players to reset their passwords and do it quickly, Wargaming is hosting a "Change Your Password Event."

"In order to improve security and maintain account integrity for all of our players, Wargaming is supplying a one-time installment of 300 gold to each player that successfully updates their account password," said Wargaming in an announcement. "While we do support the regular updating of your account password, your account is only eligible for one payment."

Other developers and publishers should take notice of this. This is how you spin a massive hacking incident into positive PR for your game. Take notes, there will be be a quiz and....

Damnit, Sony, stop sitting in the back of the class and drooling all over your desk! You especially should be paying attention.

The two $30 games (at the time) sitting on my PS3 drive tell me that they already passed the test.

I don't recall Microsoft giving anything away when they were hacked. Or Steam for that matter. Yet I recall Origin giving a couple games away when THEY were hacked.

Just saying.

When Sony got hacked, their servers were down for almost a month, so no one could even use PSN. So really, you'd expect some compensation.

Korten12:
You mean the Sony that gave people free games and free ps+ for compensation?

NameIsRobertPaulson:
The two $30 games (at the time) sitting on my PS3 drive tell me that they already passed the test.

I knew people would jump on this line. Unfortunately for you, I also had an irrefutable reply prepared for this occasion:

Yes, they did give away free games after the hack. But it was a month after the fact, and that was only after people pointed out how their initial offer (a "free trial" of their paid service, which felt more like an attempt to sell their paid subscription service instead of an actual apology) was an absolutely terrible one. Heck, it took them nearly a week to admit they had been hacked at all, and it wasn't until about two weeks after the initial hack that they admitted personal data had been stolen. In other words, they were the living incarnation of Slowpoke.

World of Tanks, by comparison, did it right: Within days of the hack, they reported it to their customers, and they had immediate plans for compensation in the form of a promotion that actually compensates the users directly and immediately simply for changing their passwords.

That's the difference: response time. If you respond too slowly to a disgruntled customer, it doesn't matter how nice the apology is or how many goodies you sweeten it with, they're going to consider moving on. Sony didn't understand this and thought they were "too big to fail". But now they're getting a reality check in the marketplace, as the Sony hack is still a stain on their reputation as they struggle to battle back against encroaching competition in virtually every major market they're invested in.

You can argue all you like about how they've apologized to you and you've forgiven them for it and blah blah blah. I don't particularly care. But you can't refute the simple fact that their response time to the incident was exceedingly slow, and that the entire incident was very poorly dealt with in general. Sony demonstrated precisely how not to respond to a major hacking job: Deny that it happened at all or that any critical data was stolen, only to later admit that it HAD been stolen, and then take months to apologize to your consumers properly.

Charcharo:

The Type 59 is not that armoured. It has 100mm of armour at 60 degrees which is pretty much 180mm at tier 8. Good for a medium tank, but penetrable, especially if we take into account the overmatching rules that happen at 200+ penetration. 203, 225 and 248 penetration guns on the Panther 2, Tiger 2/IS-3/KV-4 and T34 respectively will tear it down fast. Super Pershing has a lot more armour for its tier. Still, the Type 59 is unique in that it is quite good for a premium tank, almost as much as a normal tier 8 med.
As for the Lowe, well it is not a bad tank, just not even close to a King TIger or the VK 4502A
Now the Churchill 3 Lend-Lease for the USSR is a good tank, but honestly, upgraded tier 5 heavies will be noticabley better. It playes rock-paper scissors with the T14 though.
As for those low tier tanks... well I do not know for the T0127, i really do not. However, Tetrarch, 38H and T2 light tank have higher matchmaker spread than the normal tanks.

Well, for the T59, I meant it's sloping, it does bounce a lot, right?

Actually the lower tiered premium tanks usually get a good spread (when they're solo*) I've never seen a tetrarch in a t4 match and it's got a massive gun if memory serves, and the Valentine never sees t5s. t127 never sees above t4. Basically, under t5 (that I know of) will never see a tank two tiers above them so long as they're solo.

CriticKitten:

Korten12:
You mean the Sony that gave people free games and free ps+ for compensation?

NameIsRobertPaulson:
The two $30 games (at the time) sitting on my PS3 drive tell me that they already passed the test.

I knew people would jump on this line. Unfortunately for you, I also had an irrefutable reply prepared for this occasion:

Yes, they did give away free games after the hack. But it was a month after the fact, and that was only after people pointed out how their initial offer (a "free trial" of their paid service, which felt more like an attempt to sell their paid subscription service instead of an actual apology) was an absolutely terrible one. Heck, it took them nearly a week to admit they had been hacked at all, and it wasn't until about two weeks after the initial hack that they admitted personal data had been stolen. In other words, they were the living incarnation of Slowpoke.

World of Tanks, by comparison, did it right: Within days of the hack, they reported it to their customers, and they had immediate plans for compensation in the form of a promotion that actually compensates the users directly and immediately simply for changing their passwords.

That's the difference: response time. If you respond too slowly to a disgruntled customer, it doesn't matter how nice the apology is or how many goodies you sweeten it with, they're going to consider moving on. Sony didn't understand this and thought they were "too big to fail". But now they're getting a reality check in the marketplace, as the Sony hack is still a stain on their reputation as they struggle to battle back against encroaching competition in virtually every major market they're invested in.

You can argue all you like about how they've apologized to you and you've forgiven them for it and blah blah blah. I don't particularly care. But you can't refute the simple fact that their response time to the incident was exceedingly slow, and that the entire incident was very poorly dealt with in general. Sony demonstrated precisely how not to respond to a major hacking job: Deny that it happened at all or that any critical data was stolen, only to later admit that it HAD been stolen, and then take months to apologize to your consumers properly.

How could they? Unlike Tanks, their servers were down. You can't give them free games the day after if they wouldn't even be able to get on the servers to download them in the first place! It's unreasonable to expect compensation the day after when they could do nothing to compenstate until PSN was back up.

Unless you expected Sony to wave a wand and magically give everyone free games to download through a mysterious second service...

Korten12:
How could they? Unlike Tanks, their servers were down. You can't give them free games the day after if they wouldn't even be able to get on the servers to download them in the first place! It's unreasonable to expect compensation the day after when they could do nothing to compenstate until PSN was back up.

Unless you expected Sony to wave a wand and magically give everyone free games to download through a mysterious second service...

You should read the posts you quote more carefully.

I never said they had to give the people free games the very instant that the servers went down. You made that straw-man up because you didn't have a response to my actual point: that Sony's response was handled in just about the poorest fashion of any major company in the last several years.

They denied the hack had even occurred initially. Then they said it did happen, but no personal information was stolen....which they later corrected to mean "lots of personal data was stolen" about two weeks after the hack. Easy to see how they might confuse those two things, right?

They finally admit to the breach and offer people a "free trial" of their subscription service....which was, to be honest, a pathetic attempt to sell more people a subscription to a service that had just proven itself unreliable. It was only after people complained about that offer that Sony begrudgingly threw in free games. They didn't do it out of the kindness of their hearts, that's for certain. They did it because they saw the response to the previous offer and knew it wouldn't be enough.

It's really quite adorable that there are people who still try to defend Sony as having dealt with the issue properly when in fact they're a textbook example of how not to respond to this sort of security issue.

Can't complain, that 300 gold just paid the remainder of my 6.1mil for my t10.

devotedsniper:
Can't complain, that 300 gold just paid the remainder of my 6.1mil for my t10.

Mine'll likely go to garage slots the next sale they have, unless they put one of the tiny prems on sale, in which case I'll probably buy one of those.

 Pages 1 2 NEXT

Reply to Thread

Log in or Register to Comment
Have an account? Login below:
With Facebook:Login With Facebook
or
Username:  
Password:  
  
Not registered? To sign up for an account with The Escapist:
Register With Facebook
Register With Facebook
or
Registered for a free account here