Published on April 2nd, 2013 | by Callum Shephard0
The War Z Taken Offline – Forum AND Game Database Hacked
If there was any part of you which still felt that The War Z might be worth a look here’s another reason why not.
Visitors to the game and its official forums were greeted today with a rather ominous message detailing yet another hacker problem for the game. While The War Z has become infamous for its on-going issues with hackers and questionable methods of dealing with them, this one appeared to be far more serious than usual. The message in question, which can be found here, began with the following:
“We are sorry to report that we have discovered that hackers gained access to our forum and game databases and the player data in those databases. We have launched a thorough investigation covering our entire system to determine the scope of the intrusion. This investigation is ongoing and is our top priority. As part of the remediation and security enhancement process we will be taking the game and forums down temporarily.“
Further details followed this such as informing players that the game’s development team were working with external advisors and attempting to enhance security. Implementing further measures to try and avoid a repeat of this issue in the future while encouraging those who were a part of the game to take their own precautionary measures to deal with the security breach.
The message specified that the hackers had accessed a multitude of personal data such as personal e-mails used for the forums, those used to log into the game, game passwords, character data and computer IP addresses. More concerning is that even more information than just this might have been taken. The only good news is that, according to the letter, no payment information was exposed and it is apparently not at risk.
The letter encourages any players to change their passwords to any relevant information such as e-mails they might have used immediately. The message announced that the passwords used for the forums and game had been encrypted, which to quote an article in Arstechnica likely means that “they were passed through a one-way cryptographic hash algorithm that converts plaintext such as “password” into a theoretically unique string of characters such as “5baa61e4c9b93f3f0682250b6cf8331b7ee68fd8.”“ As the article also pointed out however, assurance about these encryptions is largely meaningless as the advisory did not specify which algorithm was used nor if “cryptographic “salt” was added”.
To give them credit Hammerpoint Interactive’s methods of dealing with this threat are far more professional than has been suggested in previous years. Rather than banning members at random, a long alledged means by the development team to “scare off” hackers, they are focusing upon improving security:
“We have engaged outside experts and investigators to assist in our investigation of this incident and committed substantial resources to that effort. We have identified number of ways access was obtained and have enhanced our security to improve game and forum safety. We are undertaking a full review and update of our servers and the services we use and adding additional security mechanisms. In addition to this post, we are emailing all of our players just to make certain that everyone is informed and has been advised to change their passwords.”
It concludes finally with the following statement: “This has been a humbling experience for us. While we all know that there is no guaranty of security on the internet, our goal is to try our very best to protect your data. We sincerely apologize.”
Given The War Z’s very tumultuous history, this should be a wakeup call for Hammerpoint Interactive. Along with the PR nightmare they have caused for themselves, the masses of problems which have plagued the game such as attempted blackmail of certain parts of its playerbase and with the game having been released in a clearly unfinished state, The War Z is now in a very precarious position. This could very easily be the final nail in the game’s coffin to drive customers away and for any devoted playerbase it might have to abandon ship. Back in the 17th of December a PCGamer article quoted Hammerpoint claiming that The War Z still held more than 600,000 registered accounts and had a daily player count of around 150,000. Whether or not the game will maintain that level of activity once it is brought back online remains to be seen.