BreachExchange mailing list archives

Previous By Date Next
Previous By Thread Next

Konami asks users to change passwords after 35, 000 accounts were accessed

From: Erica Absetz <erica () riskbasedsecurity com>
Date: Fri, 12 Jul 2013 11:06:33 -0500
http://www.theinquirer.net/inquirer/news/2281297/konami-asks-users-to-change-passwords-after-35-000-accounts-were-accessed

GAMES PUBLISHER Konami has asked all users of its website to change
their passwords after finding over 35,000 unauthorised logins to the
service.

Konami has requested that all users of its Konami ID portal website
change their passwords after uncovering a security breach that led to
a large number of unauthorised accesses. The firm said that over a
period of three weeks 35,252 accounts were accessed through just under
four million attempts.

Konami took the commendable decision to release details about the
security breach. The firm said that during the period 13 June through
7 July, 3,945,927 login attempts had been made, of which 35,252 were
successful. The figures were calculated after the firm detected a
large number of login errors on 8 July.

The games publisher said that the customer information that might have
been compromised included users' names, addresses, dates of birth,
telephone numbers and email addresses. Konami said no changes of
customers' information or unauthorised use of paid services have been
detected.

Konami said it has strengthened security and "raised its monitoring
level". The firm added that user IDs and passwords that were involved
in unauthorised logins can no longer be used.

Konami added that the IDs and passwords used for unauthorised logins
had been leaked from an external service. The firm did not say what
the external service was or whether it still has access to Konami's
databases.

Konami joins Ubisoft, Codemasters and Bohemia Interactive in having
suffered security breaches that led to the firms asking customers to
change their passwords.
_______________________________________________
Dataloss-discuss Mailing List (dataloss-discuss () datalossdb org)
Archived at http://seclists.org/dataloss/
Unsubscribe at http://lists.osvdb.org/mailman/listinfo/dataloss-discuss

Supporters:

Risk Based Security (http://www.riskbasedsecurity.com/)
Risk Based Security equips organizations with security intelligence, risk
management services and on-demand security solutions to establish
customized risk-based programs to address information security and
compliance challenges.
Previous By Date Next
Previous By Thread Next

Current thread: