Monday, 10 September 2012

More Guild Wars Woes - Accounts Compromised

Not a minor problem, but also hopefully not a large one either.

As if the couple thousand people that have been banned -- permanently or otherwise -- for the recent bug exploitation isn't rough enough, it turns out that another grand slew of accounts may have been compromised. The number seems to be clocking in at around eleven-thousand accounts that may have been compromised.

First thing is first though, it's important to note that this happened through no fault of ArenaNet; rather it seems that, according to the information obtained these passwords were, "stolen from other games and web sites, and collected through spyware, and are systematically testing Guild Wars 2 looking for matching accounts." Basically, it seems to be a brute force attack that's using passwords that may have been overlapped with any current Guild Wars 2 accounts.

Now, I'm not going to sit here and preach password practices. If you want tips for stuff like that there's plenty of sites offering advice from the mundane to the completely esoteric. That being said I would say that if you suspect you've been hit by a potential leak somewhere then change your Guild Wars password, among others.

ArenaNet isn't taking this lying down either; they've even hired more support staff to deal with the large influx of people who have been unable to access their accounts and suspect foul play might be at work. According to them, "Over the past three days, we’ve received approximately 8,500 new support tickets related to hacked accounts and other blocking login issues, and we’ve resolved issues to get approximately 9,500 players back into the game (most from tickets submitted prior to Friday, August 31)," So they've been doing seemingly all they can to ensure that this problem doesn't spin out of control, especially at a point this early in the life of the new game.

This article also details that there is a way for a player to attempt to get back a hacked account themselves, although it's bittersweet since the information included does mention that at this point any losses of characters are not able to be reset, at least not at the current time according to the wiki.

Although the Authenticator is synonymous with World of Warcraft, it might be prudent for ArenaNet to consider implementing it into their game as well. Having an extra layer of protection certainly cannot hurt in terms of player security and peace of mind. Even a program that would be run as an app on a phone or from the computer itself could go a long way towards preventing this kind of incident from happening in the future. Whether or not they will take measures to add extra layers of security is still currently unknown, but given the current circumstances I believe that it would be foolish not to at least be considering it.

No comments:

Post a Comment

Note: only a member of this blog may post a comment.