What did GS do about it's databreach in February?

evertevert Member Posts: 266
edited May 2019 in Miscellaneous

So I was wondering, GS had a data breach in February.
1.5milion mail addresses got leaked with passwords, ip's and usernames.

But I did not get any communication about it from GS.

Can someone tell me more about what happened and what GS is doing about it?

a bit more info here:
https://www.zdnet.com/article/round-4-hacker-returns-and-puts-26mil-user-records-for-sale-on-the-dark-web/

Comments

  • tatiangtatiang Member, Sous Chef, PRO, Senior Sous-Chef Posts: 11,949
  • tatiangtatiang Member, Sous Chef, PRO, Senior Sous-Chef Posts: 11,949
    edited May 2019

    Also, I received an email from GameSalad on March 20 with the subject line "Important GameSalad Security Notification":

    We are writing to inform you that we were recently able to confirm that there was unauthorized access to a GameSalad database containing user profile information. We have since blocked this unauthorized access and made additional changes to our technical infrastructure to prevent future incidents.

    Compromised data includes your email address, username, and password hash.

    While your password itself has not been compromised, we encourage you to change your password on your GameSalad account as well as any other accounts where you use the same email / password combination.

    Instead of storing your password, we store a piece of information in our database called a “cryptographic hash”. This hash lets us check your password at login without storing said password. As hackers have gotten more sophisticated, they have built databases that let them map hashes to commonly used passwords.

    If you are having trouble logging on or suspect your account has been accessed without your permission, please reply to this email.

    Since the compromised system was first discovered, we have been working to methodically examine, rebuild and test each component of our system to ensure it is safe. Earning your trust through the operation of a secure service will always be our highest priority. We deeply regret this incident and apologize to you, and to everyone who relies on us, for this inconvenience.

    Sincerely,
    Tan Tran
    CEO
    GameSalad, Inc.

    New to GameSalad? (FAQs)   |   Tutorials   |   Templates   |   Greenleaf Games   |   Educator & Certified GameSalad User

  • evertevert Member Posts: 266

    @tatiang said:
    Also, I received an email from GameSalad on March 20 with the subject line "Important GameSalad Security Notification":

    We are writing to inform you that we were recently able to confirm that there was unauthorized access to a GameSalad database containing user profile information. We have since blocked this unauthorized access and made additional changes to our technical infrastructure to prevent future incidents.

    Compromised data includes your email address, username, and password hash.

    While your password itself has not been compromised, we encourage you to change your password on your GameSalad account as well as any other accounts where you use the same email / password combination.

    Instead of storing your password, we store a piece of information in our database called a “cryptographic hash”. This hash lets us check your password at login without storing said password. As hackers have gotten more sophisticated, they have built databases that let them map hashes to commonly used passwords.

    If you are having trouble logging on or suspect your account has been accessed without your permission, please reply to this email.

    Since the compromised system was first discovered, we have been working to methodically examine, rebuild and test each component of our system to ensure it is safe. Earning your trust through the operation of a secure service will always be our highest priority. We deeply regret this incident and apologize to you, and to everyone who relies on us, for this inconvenience.

    Sincerely,
    Tan Tran
    CEO
    GameSalad, Inc.

    Weird, the mail must have slipt my mailbox.

Sign In or Register to comment.