Ubisoft Reveals Online Security Breach

Kastrenzo

New member
Jun 2, 2013
5
0
0
Good to know that my accounts from other services could be compromised thanks to one of the most arrogant and terrible companies in the industry.

I sincerley regret purchasing FarCry 3. it wasn't even that good, Now, even more so
 

Olas

Hello!
Dec 24, 2011
3,226
0
0
It's nice to know the uplay account I was unexpectedly forced to create after I bought Assassin's Creed 2 on Amazon.com has been hacked.

Thank you Ubisoft, I'll be buying lots of thing from you in the future.
 

TheEvilCheese

Cheesey.
Dec 16, 2008
1,151
0
0
I think it's good that I signed up to Uplay with my spam-ready email. I'm going to be on a lot of mailing lists again.

And as usual, encrypted passwords mean it's unlikely anything will be compromised. I don't have any of my MMO accounts on this password or email anyway the only things of any value that MIGHT share a password (but not an email adress) are easy to prove as mine and keep control of. Yay for being reasonably security conscious.

That said, it's about time I did a big password change across the board. That is not fun.
 
Jun 23, 2008
613
0
0
Dammit Ubi! I not only have to go through my active games, but will also have to do so for a friend of mine who is less security paranoid conscientious.

I had finally gotten comfortable with Uplay despite the webbrowser vulnerability affair from before.

Guess what, Ubi, I'm dropping my price point 25% for games that require Uplay. You cost me time. Now you won't cost me so much money. Drop Uplay. Drop DRM and I'll forgive you.

238U
 
Jun 23, 2008
613
0
0
TheEvilCheese said:
I think it's good that I signed up to Uplay with my spam-ready email. I'm going to be on a lot of mailing lists again.
When Uplay demanded my email address, I raged and hunted down temporary email services (like Slopsbox but they've since dissolved.)

here [https://www.guerrillamail.com/].

So yeah, if only email addies are all that was compromised I'll be okay. And, Nobody sells me a game and then tells me I have to give up privacy in order to play it.

That said, it's about time I did a big password change across the board. That is not fun.
Actually, thanks to the whole NSA surveillance fiasco, I've been learning to shift my habits with the intent of shifting towards end-to-end encryption. The Pirate Party guys point out that the first step is to start taking passwords seriously. We've become lazy with websites that will happily email or reset your password if you forget it. Encrypt your archives and forget the password, and they're gone!

I've also been considering developing passwords that are not shoulder-surfable. Taking a page from XKCD [https://xkcd.com/1105/] using randomly alternating 1s and ls (and Os and Qs and 0s and...) But again, that may be going to a paranoid extreme.

01QQlOO000lQ0O1Q!

238U
 

PoolCleaningRobot

New member
Mar 18, 2012
1,237
0
0
Callate said:
*Sigh* And in case anyone still wonders why so many people aren't entirely enthusiastic about the potential for an all-digital marketplace...
Exactly. One account for this stuff is fine, but I was forced to sign up for Uplay to play Blood Dragon which I got off Steam. Now I have to worry about this too? Just wait until every publisher does this bullshit on pc's so you'll have sensitive data on 20 different accounts

Edit: Fuck Ubisoft. I can't even change my password because it keeps giving an error message that says "enable cookies" which are enabled. After trying on 3 different browsers, I looked up the error and found it on Ubisoft's facebook page. Apparently its code for "site is down for maintenance". Fuck. Ubisoft.
 

viranimus

Thread killer
Nov 20, 2009
4,952
0
0
Well well. Looks like those with the common sense to tell Ubisoft to Fuck off when they said always on and have stuck to it are coming out of this shit storm smelling like a rose.

Moral to the story... dont put info online and it can never be stolen by online hackers.
 

waj9876

New member
Jan 14, 2012
600
0
0
I don't remember if I even had a Ubisoft account. The main email I've used for years now is apparently not in their databases, so if I do have it, it would be with a different one. But I can't remember even half of the email accounts I've had over the years.

This might be a problem...
 

RicoADF

Welcome back Commander
Jun 2, 2009
3,147
0
0
kailus13 said:
What exactly would hackers have to gain from this? They don't seem to be able to get any money from it. Is it just "for the lulz"?
Alot of people use the same passwords etc between sites, so while the Ubisoft site may not be of value, with those details they can go to another site and login to get more info or steal money etc. Also useful for identity theft.
 

Reaper195

New member
Jul 5, 2009
2,055
0
0
I got an E-mail about it...I didn't even know I had an account with them...

ellieallegro said:
Password... Nope. F**king password... Access Granted.
HAHAHAHAHAHA! I see what you did there.
 

Strazdas

Robots will replace your job
May 28, 2011
8,407
0
0
VladG said:
Erm... Again? Didn't they get hacked just a month or two ago when Blood Dragon was leaked?
probably every major release. a few hackers know a way to get into ubisoft servers and they can easily cut down thier DRMs this way, and since ubsisoft fail to update their security for what 4 years now they keep on coming in when they want.
 

Sonicron

Do the buttwalk!
Mar 11, 2009
5,134
0
0
Fuck you very much, Ubisoft. You force me to create a damn UPlay account just to get into AC2, and then you screw up in keeping my info safe. It's not your fault I now need to update my passwords on at least 10 different websites, but the point is I shouldn't have to. So fuck you all the same.
 

Duol

New member
Aug 18, 2008
84
0
0
Getting real tired of all this shit. Companies should be fined or forced to compensate customers whose privacy is infringed when data is stolen. No excuses. If you want us to make accounts for everything, that should come with a responsibility to keep data safe.
 

CrazyCapnMorgan

Is not insane, just crazy >:)
Jan 5, 2011
2,742
0
0
sleeky01 said:
rodneyy said:
kailus13 said:
What exactly would hackers have to gain from this? They don't seem to be able to get any money from it. Is it just "for the lulz"?
depends how much people have reused the same password. if its a one off use then almost noting is gained, but if they use the same for all sites they might be able, with e-mail and reused password, to log into other games. most mmos have some form of black market for ingame items. or if they people are really not up to speed on internet security it could give them access to other stuff like banking or whatever.

then they could probally sell the list of email addresses to spam bots
Very true!

In fact I'll post this interview I stumbled across 2 yrs ago. The young guy being interviewed is one Jared Psigoda who is a self-described "King of Chinese gold farming".The whole interview is interesting to watch just to get an understanding on how these gold farming companies work.

The related part to this thread is at 32:20 (I wish I knew how to post a youtube video at the correct time slot)where he explained exactly how game accounts get hacked.

Hint: Its from all the forum sites.

Quote me when you get this and look at what I did. It requires some basic math and coding skills, but nothing that a pen/pencil and a post-it can't easily remedy.


As you can see, you have to use the code '&start' with the '=' sign directly after what you pasted from the video link. Then, for where you want the video to start, you calculate in seconds when you want the video to start playing. If you also wish to end the video at a certain time, you use '&end' followed by the '=' symbol with the time also calculated in seconds. This is very helpful in using a particular video for informational purposes and for comedic effect.

 

Darks63

New member
Mar 8, 2010
1,562
0
0
Question: I have all of my Ubi games through Steam is this a concern for me since all the financial bits are on steam and not uplay?
 

Mako SOLDIER

New member
Dec 13, 2008
338
0
0
kailus13 said:
What exactly would hackers have to gain from this? They don't seem to be able to get any money from it. Is it just "for the lulz"?
If a person uses the same password for multiple sites, email accounts, etc, then all they need is an email address and password, whereupon they can log into your email, request password resets/reminders for other sites, etc, and essentially they could end up with full access to your paypal account, online banking, etc.
 

Bostur

New member
Mar 14, 2011
1,070
0
0
Darks63 said:
Question: I have all of my Ubi games through Steam is this a concern for me since all the financial bits are on steam and not uplay?
The financial bits are probably unaffected, but I assume you still have a uplay account that can be accessed by the hackers. Most Ubisoft games use a second account separate from Steam. So you should probably try changing you yuplay password.
 

Senare

New member
Aug 6, 2010
160
0
0
kailus13 said:
What exactly would hackers have to gain from this? They don't seem to be able to get any money from it. Is it just "for the lulz"?
Prestige and a fun challenge. Cracking can be its own reward!