Seriously though, the e-mail looked a LOT like the scam and phishing e-mails I receive all the time.
I know, and GMail insisted it was a phishing mail, and nothing was in my inbox, it had ended up in my junk box for some reason...
Also, did this happen as far back as 2010? If so that is highly disturbing, and makes me all the more happy that BioWare went for authenticators for TOR...
I like to think that Perfect World now have a policy to review log files on their DB servers that applies to their subsidiaries. Some poor tech waded through 2 years of reports to discover that omg.. There hasn't been a blue post announcing how the attack was able to take place and what has been done to rectify the problem, and there probably won't be given Cryptic's track record on communicating with their clients. I hope they change the password and consider a patch or two at least (pls). On the plus side, if someone is reviewing the logs then Cryptic will be able to tell us sooner when they get TRIBBLE next lol.
Ironic, I'm in IT, I could see this coming in early game MMOs in 2010 there was an influx of hackers and even under Atari's control STO and others were vulnerable. Hackers back then were less secretive as they are now with all these groups forming that are grey hackers or as IT guys like me call them Crackers, there's a distinction, a hacker tests security for defects and fixes them which is considered White Hat hacking while cracking is where someone cracks the system and does purposeful harm and gets the information we all need to keep secret. So the term "hacking" is not entirely accurate and since the bad guys are more secretive and more stealthy it's harder to tell if you're being cracked or not.
I see from a quick google of "crypitic accounts TRIBBLE" that this news has hit the media and loads of you, like myself, have removed their card details from a system that simply cannot be trusted. It will take a huge effort on Cryptic's part to dig their way out of this PR disaster - just look at the Sony network problems and subsequent lack of trust that caused.
Do we have an apology from the top - no
Do we have free card monitoring/protection offered - no
Do we even know exactly how the intrusion was found - no
Do we have any explanation of the "cant login" problems yesterday - no
Do we know what is being done to stop future attacks - no
Do we have the usual "head in the sand til it goes away" - YES (apart from poor Branflakes who gets the short straw every time bad news appears)
The most ironic thing is that this mess not the forums outcry will put a dampener on the lockbox purchases as no one will trust the system to buy any points.
Good idea. Even though I'm a 2011 signup guy I have a lifetime subscription I got that year and I got all I wanted from the C Store and the D'Kora so I'm fine, but as a precaution I took off my card information. I'll just be playing the game from now on and enjoy the lifetime sub and that's that.
:mad::mad: I find it hard to believe that only now (April 25, 2012) Cryptic finally realized that they had been TRIBBLE. Obviously, they were aware of this incident months ago back in December 2010. With all of the server crashes we (the players) have recently been experiencing, it was passed off as a software issue with an update or that the servers could not handle the heavy load of players on at that time. Whether or not that may have been the case, but with the "top-leveled" programmers and engineers on staff there at Cryptic, I do not believe that it was a bad update. Meanwhile, Cryptic finally decided to reset the infected server with most of the accounts on it. We were just notified of this incident as we were logging into the game now (April 25, 2012) to reset our passwords.
With the huge time gap from the hacking incident until now (April 25, 2012), there is someone or some group out there using our identities from the information they acquired (stolen) to make purchases we (the players) can only imagine. So, Cryptic please be more forthcoming if another incident of this type occurs again; even if it's small, please let us know when it happens instead of after the fact.
I left because of horrific customer service that certainly was not vigilant in any way, heck I STILL cannot see the tickets I raised nor have any been answered in two years. Guess one of my toons is still broken too. This is pretty terrible and shoddy. I feel for the fleets that have had TRIBBLE players and their entire banks stolen and not replaced. Searching for invisible keyloggers sounds like a standard customer service response. Does the former Iraqi Information Minister work for Cryptic?
This is just the icing on the cake really, been gone a while and as it turns out the IT security is on the same level as the customer service team.
Looking forward to the next episode of TechSNAP war story.
How could anyone TRIBBLE up this bad? Terrible customer service, very little support, questionable security and to top it off still no acknowledgement of tickets or help to your userbase. Blaming other people or "external" sources earlier does not help your case or side one bit.
It is very sad to see the Star Trek IP in the hands of Cryptic and the terrible manner it is being managed. I would go as far as to say it has put me off Star Trek.
I wish everyone good luck, it is not down to the staff but more of the company as a whole and their information security or auditing policy.
Hey, Cryptic, Gmail decided your password reset emails were phishy and spam-foldered them for me, too. Seems to be happening to a lot of people. Maybe there's some way you can let Google know they're real, or something?
Well, in all fairness to Cryptic this was actually an Atari issue, that I got an email about, oh after my account and several others did get TRIBBLE. I did not have a simple password at all, it was rather complex. Since this occurred in 2010, it's a touch late to reset passwords as the damage has already been done to many of our accounts.
Several fleets were completely wiped clean by the hacking group. I myself, fortunately, was online when I got TRIBBLE, so I was able to get the rogue off my account, but not until they took all the EC from my characters and from the fleet banks which I was part of. Fortunately the group I played with has several banks and several times over what was taken in the hack. Which Cryptic stated is unable to "refund" 200 million EC. Yeah, good job there team. That was a lot of work for nothing.
Still, In all fairness too, hey those things happen. But there are some simple things that Cryptic needs to do asap to correct the issue.
- Remove the @handle from being displayed. No, sorry, simply redoing the acct with a Perfect World acct ISN'T fixing the issue. It's a band-aid on something many of us pointed out to Cryptic from the start in Closed Beta.
- Have time out sessions on the login. You miss it X times, system shuts you out for X minutes AND sends an email to the primary account.
- OR create a way of changing the @handle in game so it no longer matches the Cryptic login that many of us use.
Thank you all for at least being honest about the time frame and taking steps now, but team, it's 15 months after the fact, and the damage is already done. Many fleets and your paying clients suffered setbacks that ruined our experience and has given us much pause in trust and investing further into the game and company. The steps noted above are STANDARD on any other MMO that I have played, including f2p models.
I have asked for the reset following the link 5 times now and I still haven't received an email (there are also no emails in the spam folder). This is getting to be a bit of a joke now.
Same thing happened to me. Turns out the 8th reset attempt actually resulted in a reset email making it to my inbox.
Well Cryptic, looks like it's all over the game sites and tech sites like CVG and N4G, way to go :mad: and well F2P because of this could significantly lose sign-ups and then what are you gonna do? I love this game, I really do, but seriously go back to the subscriptions and sever any loose ends or lackadaisical employees in that Studio you guys work in and lock up the openings for hackers, then once you have the payers satisfied start doing more content. Then you keep us!!!
I don't use the same @handle and my login name personally and I know a few others don't, the option is there but I don't think it's mandatory, if it was, that might make it better.
As for removing the @handle from being displayed, that would be a problem, if you have JohnSmith@UserName and JohnSmith@DiffName, how would you tell them apart?
So, how about *some* kind of explanation why this incident was not discovered until now? I hate to say this, but the timing was pretty close to the F2P launch, so it would have been bad PR if they had announced it right before then...
Be sure to check your SPAM / JUNK box for the reset link if you aren't getting the reset link after entering your email address. That's where mine was sent. Was a little worried after entering it a few more times and still nothing.
Glad to see it was Gmail being overly protective against the evil Cryptic email spam :P
I think Yahoo does it too, and someone's servers were not talking last night. I didn't get the emails for 4+ hours (timestamps from Yahoo inbox). Did it a few minutes ago and it worked fine. That was PW's support page BTW.
And if I was a smart hacker, which these guys obviously were, I'd keep coming back as often as I could between now and then to pharm accounts, and not stop till the locks finally got changed.
When are we going to be forced to make a PW account and link it with our Cryptic account? I'd better not have to ever. I will not do it.
You don't ever HAVE to link your Cryptic acct with a PWE account...who told you you did? They lied...
Mine is still just a Cryptic account. No problems...
December of 2010? That's a long time ago. My password has been through many changes since then... plus the card I had on file expired. So I guess I'm good?
Edit: it should also be made more clear that you have to directly go to the STO link in this thread or the link in the email, since the usual "try to sign in, click "forgot password" " route takes you to PWE's site - which is useless for unmerged accounts.
On the original accounts you did not have that option. The @ handle was the same.
But that isn't the issue. Atari left a spreadsheet exposed that was viewable for several weeks that had a large list of account names and passwords to several accounts. Understand I ran with a very large password that did have numbers, capitals and numbers all mixed in and was not a standard word. I submitted the proper procedure several months ago when the hacks began and quietly worked with Cryptic who did go out of their way to help me in any way they could given the limitations of the tech who assisted me. Kudos to them on that.
Oh the server can see who is who, which is fine, the comment is made so that the players or potential hackers can not see the @name, which matters little. Much like "John smith" and "John smith" we meet in real life, we know them by several diff ways.
Does this mean that all infractions and bans from the last 18 months will be removed from accounts? After all your security failed us and people who were banned and such could in theory have just been TRIBBLE and their accounts used for trolling.
So, how about *some* kind of explanation why this incident was not discovered until now?
Short version? (from my own experience dealing with these matters, and deductions about things)
Typically the only way to detect something like this is to spend an absurd amount of man-hours poring through database access records. And when you're talking about the accounts database, which receives a large amount of traffic since it covers both Champions Online and Star Trek Online, you can only imagine how many records can be created in an hour, let alone a day or a month.
My 2 cents on the matter?
Atari probably didn't give Cryptic sufficient funding to have an adequate network security staff to:
a) Secure their databases
b) Monitor database access
c) Perform security audits
If you want to be mad at someone, be mad at Atari for treating Cryptic like a piece of Targ excrement while they owned them. Don't be mad at Cryptic. Heck, be thankful to Perfect World for once, since the only reason it was probably discovered this recently was PWE increasing their funding to have a proper security team.
So maybe that's it
Soooooo broken...
Simple as that :eek::eek::eek:
The unauthorized access occurred in December 2010
STO went F2P in January 2012
In 2012.
Epic fail goes to Cryptic for that.
I'm not having any luck logging in and can't access the ticket system because it won't accept my password.
Every time I click on the link it just takes me to the main page.
Log out of your account on the main page, then click on the link.
Well, as others have said, it is all over the news now.
Shardwarrior makes an excellent point about 6 posts down on this site:
http://www.mmorpg.com/mobile/forums.cfm?ismb=1&postId=4933650#4933650
Cryptic could be in some doo-doo for the handling of the credit card information.
I did that, and I lost everything. I couldn't log back into this account at all, at my home PC.
Thanks for the advice mate but it seems that my AOL account has been blocked due to "suspicious activity" to make matters worse so if I log out of here I can't get back in.
Really wish they'd given us some warning beforehand here on the forums.
As it stands, without being able to access the email address it's starting to look like I've lost my lifetime account and two years of gameplay.
+1. Wear it like a dunce cap!