14 DAY TRIAL // Video game giant Electronic Arts (EA) has confirmed that an older server belonging to BioWare, one of its subsidiaries, has been compromised by hackers who stole user data.
According to a Q&A page posted on its website, the hacked server was supporting the forums for Neverwinter Nights (NWN), a popular role-playing game series developed by BioWare.
"The server system associated with the Neverwinter Nights forums was the target of a highly sophisticated and unlawful cyber attack. While we have security controls in place, even the best software and processes can’t keep up with hackers 100% of the time.
"We have moved swiftly to implement additional security controls to prevent this type of breach from happening again to secure your data and are conducting further evaluations now," EA said.
The company's investigation revealed that user names, encrypted passwords, email addresses, mailing addresses, names, phone numbers, CD keys, and birth dates might have been compromised.
In addition, some legacy accounts had their passwords in plain text and those linked with new EA system might have had more details exposed, including billing address, language, game entitlements and games played.
Depending on the estimated impact some accounts have been disabled while others have had their passwords reset. All affected users were alerted via email.
The company advises customers to be wary of emails purporting to come from BioWare or EA and asking for additional information about them, as attackers might be trying to obtain more data.
Similarly, emails that appear to be official, but contain attachments or links should be treated with extra caution. As a precaution, affected users should change their passwords on all websites where they might have used them.
BioWare is one of many game developers targeted by hackers in recent months, so it might be a good idea to keep information shared with such companies at a minimum. For example, it's better to input a billing address each time a purchase is made than to have it stored on record.