Potential User Data Breach

thx for the update
Does this mean that GGG and Path of Exile are officially mainstream now?

You've never truly landed until you've been hacked.

At least they told us about this, it is in GGG's best interest to help it's fan base as much as possible in a situation like this.
"
cipher_nemo wrote:
Really pissed off that this happened,
moderately pissed at GGG for not finding this quickly,
but very happy you informed us right away when you found out.

GGG, have you taken any steps to secure your own work environment to prevent this sort of attack in the future, or at least be aware of it sooner? 10 days is a long time. Intrusion detection system, please.

Also, if accounts get hijacked because of this, are you going to be restoring people's items/characters/whatever?


Actually, only about one third of companies ever notice they've been breached at all, and on average breaches take anywhere from 4-6 months to detect. Ten days? Colour me impressed.
Well probably Great PUTIN cant wait for expansion for his favorite game and he want to check new content before ^^
IGN KotsaPL
"
electrikapricot wrote:
Actually, only about one third of companies ever notice they've been breached at all, and on average breaches take anywhere from 4-6 months to detect. Ten days? Colour me impressed.

That's because those companies are lumbering, bloated beasts with no clue about the concept of intrusion detection. They're all running on security concepts from years ago and slow to adapt.

I work for Penn State University, specifically in the College of Engineering (COE), and we were hacked by agents in the Chinese government in 2015. No one here knew about it for months (for YEARS since the original infiltration), because we had no intrusion detection system or process in place. It was the FBI who had to tell us, "hey idiots, your systems have been hijacked for some time now, do something". The same happens to a lot of big companies and institutions. And just like everyone else, Penn State took a reactionary approach instead of a preventative approach.

When you're big enough, you should have an netops security team (even if it's just a person or two) to perform intrusion detection all the time. That includes, but is not limited to suspicious traffic, suspicious files hanging around, resized binaries, modified files, etc. Since GGG had this breach, it's safe to say no one was monitoring all of this each day. All it takes is one less than secure access point on your network (an outdated client system, etc.) to gain access.

As a more technical example, was anyone at GGG using these processes? Probably not.
▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄
▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒░░░░░░░░░░░░░ cipher_nemo ░░░░░░░░░░░░░▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒
▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀
Last edited by cipher_nemo#6436 on Mar 29, 2017, 9:59:22 AM
Thanks for the speedy heads up!

I hope other game companies (or any companies, really) are paying attention to your practices around transparency and community relations. Much appreciated.
"
cipher_nemo wrote:
That's because those companies are lumbering, bloated beasts with no clue about the concept of intrusion detection. They're all running on security concepts from years ago and slow to adapt.

I work for Penn State University, specifically in the College of Engineering (COE), and we were hacked by agents in the Chinese government in 2015. No one here knew about it for months (for YEARS since the original infiltration), because we had no intrusion detection system or process in place. It was the FBI who had to tell us, "hey idiots, your systems have been hijacked for some time now, do something". The same happens to a lot of big companies and institutions. And just like everyone else, Penn State took a reactionary approach instead of a preventative approach.

When you're big enough, you should have an netops security team (even if it's just a person or two) to perform intrusion detection all the time. That includes, but is not limited to suspicious traffic, suspicious files hanging around, resized binaries, modified files, etc. Since GGG had this breach, it's safe to say no one was monitoring all of this each day. All it takes is one less than secure access point on your network (an outdated client system, etc.) to gain access.

As a more technical example, was anyone at GGG using these processes? Probably not.


That seems like a great resource and I am glad they mentioned Snort! That's also an interesting tale so thank you for sharing; unfortunately, I can't say I'm surprised. I don't disagree that some sort of IDS would be wise, I guess I'm just uncertain what sort of resources GGG has to throw at it.

If such breaches affect major institutions with a bunch of funding at their disposal all the time, I can't particularly fault a small F2P gaming company largely relying on user donations for finding it faster than most and disclosing it promptly afterwards.
Thanks for your information.
I changed password AND mailadress, feel save again. ;)

-= I would die sleeping like my Grandpa, not crying like his co-driver = -
I told'ye the Breach League is REAL!
nice new map spoil at the end the last on on the line does not existe in poe atm :)

Report Forum Post

Report Account:

Report Type

Additional Info