2 min read

Albion Online gamers told to change passwords following forum hack

Graham CLULEY

October 19, 2020

Ad One product to protect all your devices, without slowing them down.
Free 90-day trial
Albion Online gamers told to change passwords following forum hack
  • Hacker exploited forum vulnerability, and offered stolen database for sale
  • Players advised to change their passwords

Sandbox Interactive, the developers of the free medieval fantasy video game Albion Online, have warned players that a hacker managed to break into its systems and gain access to its user database.

In a post on the Albion Online forum, players were advised that a hacker was able to exploit a vulnerability to gain access to the forum’s user database.

Exposed data included players’ email addresses, as well as passwords that had been salted and hashed with bcrypt.

At the very least this means that the hacker now has in their hands a list of Albion Online users’ email addresses – information which could be exploited in phishing and social engineering attacks in an attempt to trick players into handing over more information.

However, if some players chose weak passwords for their Albion Online forum account (which, lets face it, is hardly unlikely) then they might still be singled-out by a determined hacker.

If a hacker was able to correctly determine a user’s forum password it can also be used to play the Albion Online game itself. But more worryingly, it might be put to malicious use if the player has made the mistake of reusing the same password elsewhere on the internet.

The confirmation by Sandbox Interactive of a security breach came at approximately the same time that it was reported a hacker was offering the Albion Online database for sale on a hacking forum.

Sandbox Interactive is recommending that affected users can update their password via the Albion Online website. My advice would be for affected Albion Online players to do so, but also to ensure that they choose a strong, complex password and that they are not reusing passwords anywhere else on the internet.

That’s good advice whether there has been a security breach or not. All passwords should be hard-to-crack, hard-to-guess, and unique.

The use a good password manager can help ensure that passwords are being chosen sensibly rather than dreamt up by the human brain, and that unique, sensible and secure choices are made.

Albion Online says that it is contacting affected users via email. Of course, a malicious hacker might be contacting affected users at the same time – using the stolen email address list – so please be on your guard.

According to Sandbox Interactive, the vulnerability used by the hacker to access the sensitive data from the Albion Online forum has been patched, and a full security review is under way.

tags


Author



Right now

Top posts

Threat actors impersonate Canadian gas retailer to deliver malicious OneNote phishing campaign, Bitdefender Labs warns

Threat actors impersonate Canadian gas retailer to deliver malicious OneNote phishing campaign, Bitdefender Labs warns

January 26, 2023

2 min read
Spammers phish eager vacationers with travel-themed lures, Bitdefender Antispam Lab warns

Spammers phish eager vacationers with travel-themed lures, Bitdefender Antispam Lab warns

January 19, 2023

4 min read
Enhance your cyber resilience and privacy on Computer Security Day in four easy steps

Enhance your cyber resilience and privacy on Computer Security Day in four easy steps

November 29, 2022

2 min read
How to monitor your online privacy during your Thanksgiving trip

How to monitor your online privacy during your Thanksgiving trip

November 22, 2022

3 min read
Just your yearly dose of Black Friday spam: Cybercrooks get ahead of the game to steal shoppers’ info

Just your yearly dose of Black Friday spam: Cybercrooks get ahead of the game to steal shoppers’ info

November 16, 2022

6 min read
Bitdefender VPN in 2022: the new, the improved, and the soon-to-be

Bitdefender VPN in 2022: the new, the improved, and the soon-to-be

November 14, 2022

5 min read

FOLLOW US ON

SOCIAL MEDIA


You might also like

More than 50,000 People Affected by US Cellular Data Breach; Leaked Info Hits the Internet More than 50,000 People Affected by US Cellular Data Breach; Leaked Info Hits the Internet
Silviu STAHIE

February 08, 2023

2 min read
Russian Threat Actor Targets Ukraine Ministry and Polish Police in Similar Campaigns Russian Threat Actor Targets Ukraine Ministry and Polish Police in Similar Campaigns
Silviu STAHIE

February 06, 2023

1 min read
U.S. Department of Health and Human Services Hits ‘Banner Health’ with $1.25 Million Fine U.S. Department of Health and Human Services Hits ‘Banner Health’ with $1.25 Million Fine
Silviu STAHIE

February 03, 2023

1 min read