Saturday, December 24, 2011
As I was in the Rift beta, my name is in Trion's database. So I got a mail from them this week saying: "We recently discovered that unauthorized intruders gained access to a Trion Worlds account database. The database in question contained information including user names, encrypted passwords, dates of birth, email addresses, billing addresses, and the first and last four digits and expiration dates of customer credit cards." Fortunately I never bought Rift, so my credit card data aren't on file with them. And I use different passwords for different games.
This is just the latest of a string of similar database hacks. Pretty much every MMORPG company except Blizzard has sent me similar e-mails in the last year or two. And I don't suppose this is going to get better in the future. MMORPGs are increasingly monetized, virtual goods increasingly have real money value, and trends like the Diablo III real money auction house are only going to increase that real money value. And apparently databases of game companies are a lot less protected than those of banks. If hacking the accounts of individual players makes sense, hacking the whole database makes even more sense. Be very careful with your data out there!