ghost107 wrote:

Superman0X wrote: MeiuAngel wrote: This thread is old. From March. I'm not entirely sure who necroed it or why, as there hasn't been a recurrence of the issue o-o   The account/pw/email list was made public this week.   In my opinion password is not a problem(they said the have the password encrypted), but the most difficult problem is the Email, since you can receive spam on your email with this.

Regardless if passwords were encrypted or not, it is always recommended to change passwords in a regular basis using strong-passwords at least 8-Characters long with Combination of Upper Case-Lower Case letters, Numbers, and non-Alpha Numeric chars such as @#!$%& etc. Just like you can encrypt something, there tools out there for decryption as well . Always play safe, never be in doubt!.

Superman0X wrote:

It appears that Gamigo has "detected an illegal intrusion into [its] gamigo account system." They are still working on the details... but this is a warning that if you have used the same username/password combination on Gamigo anywhere else... now is the time to change it. News Link --Update-- It looks like things have not gone well. You can find more details here. Update 23 July 12 http://massively.joystiq.com/2012/07/23/eight-million-gamigo-user-accounts-compromised/

Except the information on about how many accounts have been compromised, nothing new in that "news". As one of those concerned i never trusted gamigos own press releases and decided very early to go for several password changes.
One of the sites that reroll these "news" clearly shows what triggered this old storys revival: a new press release from gamigo, saying that after another verification of some sort after that site claimed to have the complete stolen data "nothing new" could be found.

Concerned players knew from the start, that they could not trust the (quite delayed - up to three weeks after the incident) warnings, had to change their passwords and that nothing in the databases stolen really was encrypted better than with MD5 in contradiction to what gamigo promised after the big hacker attack that messed up la lot of ingame accounts one year before.
Startup problems of the new gamigo account system which made it impossible to actually change your password again (first by software bug then by unavailability because every gamigo player tried to login) after a total automated pw change was also not so funny then.

So not really "news". Been there, wasn´t fun at all, not so nice to be remembered, but still nothing new.

Anyone else to exhume older history ?
I will be very polite and not say if i believe anyone will have learned from incidents like that - and that´s not adressed to players.

ghostcannon wrote:

Just like you can encrypt something, there tools out there for decryption as well . Always play safe, never be in doubt!.

If they used md5 hashing or combined with other one way encryption, I can ensure you it will be nearly impossible to crack it.

For md5 there are rainbow talbles(databases with md5 passwords, but not the full database, 1.2million hashes in what I remember, but the rest are mising), but combined with other one way encryption's(like MD5, Base64, SHA512, SHA1) this will be nearly impossible to crack.

yesterday i transferred my ijji account to aeriagames along with 4
other accounts i have. And today when i logged on, they are all
banned???!?! says i violated terms of service when i try to reset password. I read the terms of service and i did not violate anything. My username starts with gundam or golemslord which is not offensve right?...

ghost107 wrote:

ghostcannon wrote: Just like you can encrypt something, there tools out there for decryption as well . Always play safe, never be in doubt!.   If they used md5 hashing or combined with other one way encryption, I can ensure you it will be nearly impossible to crack it. For md5 there are rainbow talbles(databases with md5 passwords, but not the full database, 1.2million hashes in what I remember, but the rest are mising), but combined with other one way encryption's(like MD5, Base64, SHA512, SHA1) this will be nearly impossible to crack.

The problem is: nothing more than MD5 was used, in most cases plain text entries of passwords undergoing the database change to MD5 were not deleted but still resident.

Still, that "news" is not so new. I believe the stolen data will cough up every now and then, this was such a time.
Gamigo officials state again that every measure has been taken and security has been improved, just like they did after the last two successful attacks.

Gamingo Security is Wood base ?

They are more likely target easy to get pass gamecompany(Gamgio/Blizzard/EAGames) to harder gamecompany security (Which is aeriagames)

ewe