Companies Behind Warframe, Clash of Kings Games Suffer Data Breaches
Two prominent gaming companies have announced this week that they suffered data breaches at the hands of unknown hackers.
The first to make an announcement was Digital Extremes, a gaming company that’s behind a hugely popular Warframe Xbox One, Playstation 4, and PC online free-to-play cooperative third-person shooter video game.
According to a post on their forum on Wednesday, the company recently discovered a data breach that had occurred in 2014.
775,749 user records stolen from Warframe website
The Digital Extremes spokesperson said the breach occurred via its main website, and the hacker used the Drupalgeddon SQL injection exploit (CVE-2014-3704) to hack into the site.
At the time of the attack, the Drupalgeddon bug was still a zero-day, and the Drupal project patched it two weeks after.
The company’s Drupal installation was used to register players and collect various types of data about them. Digital Extremes said the hacker managed to steal some personal details, but no “account passwords, variations of passwords, hashed passwords, game account data or personal player information such as full names, addresses or other billing and payment information.”
In total, the hacker made off with 775,749 user records. The good news is that the company scrapped the Drupal platform since 2014 and abandoned the practice of collecting user data on its website. Digital Extremes has also announced it added 2FA support for its forum and urged users to change their passwords.
1,597,717 user records taken from Clash of Kings forum
In a separate report from ZDNet today, a hacker has told reporters that he stole 1.6 million user records from the Clash of Kings forum last week, which he provided to LeakedSource, a data breach notification service.
According to the hacker’s account of the incident, he used simple Google searches to identify vulnerable versions of vBulletin forums, and he took advantage of an ancient 2013 vulnerability to breach the forum and steal the user records.
Stolen user data includes usernames, emails, passwords (salted and hashed), IP addresses, device IDs, Facebook details, and Facebook access tokens.