921 replies to this topic

[Calendae]

i don't think so, if only because turbine isn't anywhere near sony with regards to size and turnover.

[Rosiebelle]

You mean the Playstation breach or the exploding TVs?

http://www.bbc.co.uk...nology-15272573

[Calendae]

hey ... it's not a trick ... it's a sony ...

[Agra]

Vardiel, on 12 October 2011 - 13:10, said:

Sounds like an emergency then.
Let's hope it isn't a Sony sized emergency.

http://lotrocommunit...dpost__p__16664

[Rosiebelle]

Google translate ses:

Summary by me:

turbine was from me by Sunday night ticket information.
no response on Monday, so I wrote a thread in the forum of the turbine has been deleted. no reaction.
I then wrote an email to webmaster@turbine.com

until yesterday, no response.
I had even told the exact url turbine.
as more and more people have been hacked, which I know to some, I have given the warning I get out of here.

I'm here with three names and email passwordhashs (without salt) to the published evidence.
(one probably was not right of me)
then probably valandir told by twitter and immediately draufhin sapience what was checked and the forum is closed since * facepalm *

what was missing since the migration from CodeMaster of turbine (because it was only possible)
each and everyone could actually access the data.
date on which banks can access exactly knows I had not, because I have not analyzed everything.

The fact is. they had access to over 1 millio the data related to the Forum. there were addresses, according to columns, payment, email, passwords etc stored.

[Blister]

Anyone having problems with Casual Stroll to Mordor as well?


http://safebrowsing....lltomordor.com/

[MueR]

CSTM has been targetted by some russian scriptkiddie who replaced some things with nasty stuff. They've cleaned it up by now.

[Rosiebelle]

"What is the current listing status for casualstrolltomordor.com?

Site is listed as suspicious - visiting this website may harm your computer.

Part of this site was listed for suspicious activity 2 time(s) over the past 90 days.

What happened when Google visited this site?

Of the 4 pages we tested on the site over the past 90 days, 2 page(s) resulted in malicious software being downloaded and installed without user consent. The last time Google visited this site was on 2011-10-11, and the last time suspicious content was found on this site was on 2011-10-11."


Then goes on to say something about a dodgy Russian sounding URL - looks like they might have got hit by malware.

[cossieuk]

Perhaps Turbine is suffering from the same problems as Blackberry

Also I tries to get on the forum last night at around 9:30 pm and they were down, so they have been down for at least 17 hours

[Grimdoin]

Read the linked posts from the German part of the forum. The mySQL server allowed anonymous access from the web and contained all (>1.2M!) account details. Reason enough to take things downs. And nice communication again from Turbine...

[Blister]

Grimdoin, on 12 October 2011 - 14:21, said:

Read the linked posts from the German part of the forum. The mySQL server allowed anonymous access from the web and contained all (>1.2M!) account details. Reason enough to take things downs. And nice communication again from Turbine...

Was access to credit/debit card details obtainable? I suppose now would be a good time to change my password....

[MueR]

According to freundlich, it was.

[Rosiebelle]

Well I have tweeted one of the BBC's technology correspondents. If they won't give us any info maybe a phone call or two from the media will get things moving.

[Blister]

MueR, on 12 October 2011 - 14:34, said:

According to freundlich, it was.

So time to cancel cards and have them reissued? AFAIK I wasnt required to enter anything on my side when making purchases from the lotro store as they held all the information already? Would this not have been encrypeted in the database?

The silence from turbine on this is shocking....

[SellingTheDrama]

Blister, on 12 October 2011 - 14:43, said:

So time to cancel cards and have them reissued? AFAIK I wasnt required to enter anything on my side when making purchases from the lotro store as they held all the information already? Would this not have been encrypeted in the database?

The silence from turbine on this is shocking....

myaccount is still up and accessible.

IF someone was able to get logins/pw from the forum leak then thye could get into it.

in most cases the hackers do not take action on such things right away, but sit on it and maybe sell it to someone else.

either way, just to be safe i would suggest changing your account password ASAP.

[cossieuk]

Would changing your password before the problem is fixed not be a waste of time?

[Artamir92]

So the forums have now been offline for about 19 hours. The last thing we heard was "The LOTRO Forums are currently unavailable. We do not have an ETA for their return at this time." on their Twitter page, which was posted over 11 hours ago.

This is the only information we've had, and if you're not on their Twitter page you won't know anything. This is not good at all Turbine.

[Rosiebelle]

I've posted a link on Facebook directing people here for latest info (should there be any) (a few of my kin and other LOTR freinds are on FB) and also e-mailed a few of the likely gamers at work.

[SellingTheDrama]

cossieuk, on 12 October 2011 - 14:47, said:

Would changing your password before the problem is fixed not be a waste of time?

myaccount is not connected to the community sites.

they just stupidly share the same login/pw.

i do not see how they could get the changed password with the forums down.

changing our password is the best thing we can do right now to protect ourselves.

just in case.

one would think if this was a hack there would be messages on twitter/facebook and emails sent out telling folks to change their passwords long before now.

but just in case ive changed mine.

[Blister]

Password changed here as well and I will advise all in kin to do so also