bit-tech.net

Go Back   bit-tech.net Forums > bit-tech.net > Article Discussion

Reply
 
Thread Tools
Old 3rd Jul 2013, 08:48   #1
Gareth Halfacree
WIIGII!
bit-tech Staff
 
Gareth Halfacree's Avatar
 
Join Date: Dec 2007
Location: Bradford, UK
Posts: 4,098
Gareth Halfacree is a Super Spamming SaiyanGareth Halfacree is a Super Spamming SaiyanGareth Halfacree is a Super Spamming SaiyanGareth Halfacree is a Super Spamming SaiyanGareth Halfacree is a Super Spamming SaiyanGareth Halfacree is a Super Spamming SaiyanGareth Halfacree is a Super Spamming SaiyanGareth Halfacree is a Super Spamming SaiyanGareth Halfacree is a Super Spamming SaiyanGareth Halfacree is a Super Spamming SaiyanGareth Halfacree is a Super Spamming Saiyan
Ubisoft coughs to major data breach

Users' personal details accessed by attacker.
http://www.bit-tech.net/news/gaming/...isoft-breach/1
__________________
Author, Raspberry Pi User Guide Third Edition, 21 Brilliant Projects for the Raspberry Pi and more | gareth.halfacree.co.uk | twitter
bit-tech news correspondent, Custom PC columnist, other things to other people
I'm a filthy freelancer! Hire me!
Gareth Halfacree is offline   Reply With Quote
Old 3rd Jul 2013, 09:47   #2
mi1ez
Game Boy Modder
 
Join Date: Jun 2009
Location: Sydney, Australia
Posts: 1,137
mi1ez - it's over 9000!!!!!!!!1!1!1!!!mi1ez - it's over 9000!!!!!!!!1!1!1!!!mi1ez - it's over 9000!!!!!!!!1!1!1!!!mi1ez - it's over 9000!!!!!!!!1!1!1!!!mi1ez - it's over 9000!!!!!!!!1!1!1!!!mi1ez - it's over 9000!!!!!!!!1!1!1!!!mi1ez - it's over 9000!!!!!!!!1!1!1!!!mi1ez - it's over 9000!!!!!!!!1!1!1!!!mi1ez - it's over 9000!!!!!!!!1!1!1!!!mi1ez - it's over 9000!!!!!!!!1!1!1!!!mi1ez - it's over 9000!!!!!!!!1!1!1!!!
At least passwords were hashed. Would rather all details were, and (as stated) salted too, but we've seen worse!
__________________
The Angel Delights?
mi1ez is offline   Reply With Quote
Old 3rd Jul 2013, 09:55   #3
Gareth Halfacree
WIIGII!
bit-tech Staff
 
Gareth Halfacree's Avatar
 
Join Date: Dec 2007
Location: Bradford, UK
Posts: 4,098
Gareth Halfacree is a Super Spamming SaiyanGareth Halfacree is a Super Spamming SaiyanGareth Halfacree is a Super Spamming SaiyanGareth Halfacree is a Super Spamming SaiyanGareth Halfacree is a Super Spamming SaiyanGareth Halfacree is a Super Spamming SaiyanGareth Halfacree is a Super Spamming SaiyanGareth Halfacree is a Super Spamming SaiyanGareth Halfacree is a Super Spamming SaiyanGareth Halfacree is a Super Spamming SaiyanGareth Halfacree is a Super Spamming Saiyan
Quote:
Originally Posted by mi1ez View Post
At least passwords were hashed. Would rather all details were, and (as stated) salted too, but we've seen worse!
You can't really hash all details: what use would a hashed email address be to Ubisoft? It can't send adverts to 677b5891ea278a439b8539b438d82a08...
__________________
Author, Raspberry Pi User Guide Third Edition, 21 Brilliant Projects for the Raspberry Pi and more | gareth.halfacree.co.uk | twitter
bit-tech news correspondent, Custom PC columnist, other things to other people
I'm a filthy freelancer! Hire me!
Gareth Halfacree is offline   Reply With Quote
Old 3rd Jul 2013, 10:01   #4
Andy Mc
I *am* a Dremel
 
Andy Mc's Avatar
 
Join Date: May 2002
Location: In a house.
Posts: 1,640
Andy Mc is definitely a rep cheat.Andy Mc is definitely a rep cheat.Andy Mc is definitely a rep cheat.Andy Mc is definitely a rep cheat.Andy Mc is definitely a rep cheat.Andy Mc is definitely a rep cheat.Andy Mc is definitely a rep cheat.Andy Mc is definitely a rep cheat.Andy Mc is definitely a rep cheat.Andy Mc is definitely a rep cheat.Andy Mc is definitely a rep cheat.
Yeah got an email yesterday evening telling me to change my password, which I did.

Pro tip: if you use the same password for the email account as your Ubisoft account, then you may want to change your email password too.
__________________

Andy Mc is online now   Reply With Quote
Old 3rd Jul 2013, 10:06   #5
mi1ez
Game Boy Modder
 
Join Date: Jun 2009
Location: Sydney, Australia
Posts: 1,137
mi1ez - it's over 9000!!!!!!!!1!1!1!!!mi1ez - it's over 9000!!!!!!!!1!1!1!!!mi1ez - it's over 9000!!!!!!!!1!1!1!!!mi1ez - it's over 9000!!!!!!!!1!1!1!!!mi1ez - it's over 9000!!!!!!!!1!1!1!!!mi1ez - it's over 9000!!!!!!!!1!1!1!!!mi1ez - it's over 9000!!!!!!!!1!1!1!!!mi1ez - it's over 9000!!!!!!!!1!1!1!!!mi1ez - it's over 9000!!!!!!!!1!1!1!!!mi1ez - it's over 9000!!!!!!!!1!1!1!!!mi1ez - it's over 9000!!!!!!!!1!1!1!!!
Quote:
Originally Posted by Gareth Halfacree
You can't really hash all details: what use would a hashed email address be to Ubisoft? It can't send adverts to 677b5891ea278a439b8539b438d82a08...
We'll just call that a cheeky bonus!
__________________
The Angel Delights?
mi1ez is offline   Reply With Quote
Old 3rd Jul 2013, 10:29   #6
CrazyJoe
Ultramodder
 
CrazyJoe's Avatar
 
Join Date: Aug 2010
Location: Glasgow
Posts: 1,367
CrazyJoe is the Cheesecake. Relix smiles down upon them.CrazyJoe is the Cheesecake. Relix smiles down upon them.CrazyJoe is the Cheesecake. Relix smiles down upon them.CrazyJoe is the Cheesecake. Relix smiles down upon them.CrazyJoe is the Cheesecake. Relix smiles down upon them.CrazyJoe is the Cheesecake. Relix smiles down upon them.CrazyJoe is the Cheesecake. Relix smiles down upon them.CrazyJoe is the Cheesecake. Relix smiles down upon them.CrazyJoe is the Cheesecake. Relix smiles down upon them.CrazyJoe is the Cheesecake. Relix smiles down upon them.CrazyJoe is the Cheesecake. Relix smiles down upon them.
It's all just a stunt to advertise Watch Dogs.
CrazyJoe is offline   Reply With Quote
Old 3rd Jul 2013, 11:27   #7
rpsgc
Multimodder
 
rpsgc's Avatar
 
Join Date: Aug 2006
Location: Portugal
Posts: 122
rpsgc has yet to learn the way of the Dremel
I think enforcing the death penalty for these kinds of actions would be a good dissuader.


No, I'm serious. These hackers are scum and deserve whatever they get.
rpsgc is offline   Reply With Quote
Old 3rd Jul 2013, 11:46   #8
miller
Multimodder
 
Join Date: Jun 2013
Posts: 175
miller is definitely a rep cheat.miller is definitely a rep cheat.miller is definitely a rep cheat.miller is definitely a rep cheat.miller is definitely a rep cheat.miller is definitely a rep cheat.miller is definitely a rep cheat.miller is definitely a rep cheat.miller is definitely a rep cheat.miller is definitely a rep cheat.miller is definitely a rep cheat.
I wonder if companies like Ubisoft, Sony, MS, etc, that store this info were to use similar security measures that online banking uses if people would actually pay for that level of security to keep their data secure, agreed some companies like Sony who were hacked made little attempt at security but if we want serious data security maybe we should expect to pay a little for it?

INCOMING
miller is offline   Reply With Quote
Old 3rd Jul 2013, 14:21   #9
forum_user
forum_title
 
Join Date: Jan 2012
Posts: 235
forum_user has yet to learn the way of the Dremel
It'll be the NS* collecting more data on us.
forum_user is offline   Reply With Quote
Old 3rd Jul 2013, 14:24   #10
Fingers66
Kiwi in London
 
Fingers66's Avatar
 
Join Date: Apr 2010
Location: London, UK
Posts: 6,929
Fingers66 is a Super Spamming SaiyanFingers66 is a Super Spamming SaiyanFingers66 is a Super Spamming SaiyanFingers66 is a Super Spamming SaiyanFingers66 is a Super Spamming SaiyanFingers66 is a Super Spamming SaiyanFingers66 is a Super Spamming SaiyanFingers66 is a Super Spamming SaiyanFingers66 is a Super Spamming SaiyanFingers66 is a Super Spamming SaiyanFingers66 is a Super Spamming Saiyan
Quote:
Originally Posted by miller View Post
I wonder if companies like Ubisoft, Sony, MS, etc, that store this info were to use similar security measures that online banking uses if people would actually pay for that level of security to keep their data secure, agreed some companies like Sony who were hacked made little attempt at security but if we want serious data security maybe we should expect to pay a little for it?

INCOMING
Surely the money we are paying them for the games and DLC, which is a lot more than the annual fees we pay our banks, is enough to expect them to keep our details secure?
__________________
Gaming: [Silverstone TJ08-E][MSI Z87M Gaming][i5-4670K][Corsair H55][8GB 1866MHz][Asus 7970 DCUII TOP][Samsung 840 Pro 256GB][Corsair HX650][Dell U2412M][Corsair K60]
Main: [Lian Li PC-A04][Asus Z97M-Plus][i7-4770K][Corsair H55][16GB 1600MHz][iGPU][Corsair Force 3 120GB][Seasonic X-650 Gold]
Kids: [Silverstone SG05B][Asus H87I-Plus][i3-4330][8GB 1600MHz][Asus 6850 DirectCU][Crucial M4 256GB][ST45SF 450w][Dell E207WFP]
NAS 1:[Synology DS211j] NAS 2:[OMV]
Fingers66 is offline   Reply With Quote
Old 3rd Jul 2013, 14:51   #11
jimmyjj
Hypermodder
 
Join Date: Jul 2010
Posts: 645
jimmyjj is the Cheesecake. Relix smiles down upon them.jimmyjj is the Cheesecake. Relix smiles down upon them.jimmyjj is the Cheesecake. Relix smiles down upon them.jimmyjj is the Cheesecake. Relix smiles down upon them.jimmyjj is the Cheesecake. Relix smiles down upon them.jimmyjj is the Cheesecake. Relix smiles down upon them.jimmyjj is the Cheesecake. Relix smiles down upon them.jimmyjj is the Cheesecake. Relix smiles down upon them.jimmyjj is the Cheesecake. Relix smiles down upon them.jimmyjj is the Cheesecake. Relix smiles down upon them.jimmyjj is the Cheesecake. Relix smiles down upon them.
Those wank*rs (ubisoft)

I only have an Ubisoft account because of their shitty DRM and now they go and lose my data.
__________________
Asus P8P67, 2500k (stock), 8GB vengeance, GTX770 (EVGA AC SC), U2412M, Intel 330 180GB SSD
jimmyjj is offline   Reply With Quote
Old 3rd Jul 2013, 15:06   #12
liratheal
Sharing is caring
 
liratheal's Avatar
 
Join Date: Nov 2005
Location: Lichfield, UK
Posts: 7,661
liratheal is the Cheesecake. Relix smiles down upon them.liratheal is the Cheesecake. Relix smiles down upon them.liratheal is the Cheesecake. Relix smiles down upon them.liratheal is the Cheesecake. Relix smiles down upon them.liratheal is the Cheesecake. Relix smiles down upon them.liratheal is the Cheesecake. Relix smiles down upon them.liratheal is the Cheesecake. Relix smiles down upon them.liratheal is the Cheesecake. Relix smiles down upon them.liratheal is the Cheesecake. Relix smiles down upon them.liratheal is the Cheesecake. Relix smiles down upon them.liratheal is the Cheesecake. Relix smiles down upon them.
It's been so long since I used my ubisoft account I can't remember what my password was before today anyway..
__________________
Shadow Moses: Windows 7, Asus Sabertooth X58, 12gb Corsair XMS3, i7 950, 2x XFX 6870 1gb's, Corsair 1kw
Groznyjgrad: Storage Server 2012, Gigabyte Z77-D3h, i3 2100, 16gb DDR3, 5xWD 1tb, 5x Seagate 1tb
2008 Mondeo estate
Focus RS Mk1; Build number 1506
liratheal is offline   Reply With Quote
Old 3rd Jul 2013, 16:03   #13
Artanix
puts the king in Lurking.
 
Artanix's Avatar
 
Join Date: Sep 2006
Location: Staffordshire
Posts: 135
Artanix is almost as Godly as yodasarmpitArtanix is almost as Godly as yodasarmpitArtanix is almost as Godly as yodasarmpitArtanix is almost as Godly as yodasarmpitArtanix is almost as Godly as yodasarmpitArtanix is almost as Godly as yodasarmpitArtanix is almost as Godly as yodasarmpitArtanix is almost as Godly as yodasarmpitArtanix is almost as Godly as yodasarmpitArtanix is almost as Godly as yodasarmpitArtanix is almost as Godly as yodasarmpit
Quote:
Originally Posted by rpsgc
I think enforcing the death penalty for these kinds of actions would be a good dissuader.
No, I'm serious. These hackers are scum and deserve whatever they get.
I know of at least a few places where people will hack something, and then notify the company of the vulnerability in their network. Just because something has been "accessed" doesn't always mean a bad thing.

If I told you I could break into your car in 5 seconds, you wouldn't believe me until I showed you.

Just for the record, I'm not saying this happening in this instance, and I'm not supporting "hacking", but seriously, people need to stop being so naive.
__________________
If common sense is so common,
Why is it so rare?
Artanix is offline   Reply With Quote
Old 3rd Jul 2013, 16:15   #14
Gareth Halfacree
WIIGII!
bit-tech Staff
 
Gareth Halfacree's Avatar
 
Join Date: Dec 2007
Location: Bradford, UK
Posts: 4,098
Gareth Halfacree is a Super Spamming SaiyanGareth Halfacree is a Super Spamming SaiyanGareth Halfacree is a Super Spamming SaiyanGareth Halfacree is a Super Spamming SaiyanGareth Halfacree is a Super Spamming SaiyanGareth Halfacree is a Super Spamming SaiyanGareth Halfacree is a Super Spamming SaiyanGareth Halfacree is a Super Spamming SaiyanGareth Halfacree is a Super Spamming SaiyanGareth Halfacree is a Super Spamming SaiyanGareth Halfacree is a Super Spamming Saiyan
Quote:
Originally Posted by Artanix View Post
If I told you I could break into your car in 5 seconds, you wouldn't believe me until I showed you.
Brick. Window. Job's a good 'un.
__________________
Author, Raspberry Pi User Guide Third Edition, 21 Brilliant Projects for the Raspberry Pi and more | gareth.halfacree.co.uk | twitter
bit-tech news correspondent, Custom PC columnist, other things to other people
I'm a filthy freelancer! Hire me!
Gareth Halfacree is offline   Reply With Quote
Old 3rd Jul 2013, 16:24   #15
Dave Lister
Hypermodder
 
Dave Lister's Avatar
 
Join Date: Sep 2009
Location: France / UK
Posts: 679
Dave Lister is a hoopy frood who really knows where their towel is.Dave Lister is a hoopy frood who really knows where their towel is.Dave Lister is a hoopy frood who really knows where their towel is.Dave Lister is a hoopy frood who really knows where their towel is.Dave Lister is a hoopy frood who really knows where their towel is.Dave Lister is a hoopy frood who really knows where their towel is.Dave Lister is a hoopy frood who really knows where their towel is.Dave Lister is a hoopy frood who really knows where their towel is.Dave Lister is a hoopy frood who really knows where their towel is.Dave Lister is a hoopy frood who really knows where their towel is.Dave Lister is a hoopy frood who really knows where their towel is.
I had an email about this - this morning, encouraging me to change my password. The problem is when I try, it asks me to enable cookies (chrome with adblock & donottrackme) is that itself not a security risk ?
__________________
Main Rig:Case: BitFenix Prodigy, Motherboard: MSI Z97I Gaming, CPU: Intel i7 4790K, RAM: 16Gb 2400Mhz Kingston HyperX Beast GPU: MSI GTX 970 Gaming, Primary HDD: 256Gb Samsung 850 Pro, Games Drive: 1Tb Toshiba SSHD, Cooler: Corsair H105, OS: Win 7 - 64
HTPC:Case: Gutted out VCR, Motherboard: Asus AT5IONT-I, CPU: Intel Atom D525 @ 1.94Ghz, RAM: 4Gb 1333Mhz Kingston GPU: Nvidia Ion 2, Primary HDD: Hitachi 500Gb, Optical Drive: NEC ND-6500A Laptop Drive, OS: Win 8.1 32
Dave Lister is online now   Reply With Quote
Old 3rd Jul 2013, 16:40   #16
miller
Multimodder
 
Join Date: Jun 2013
Posts: 175
miller is definitely a rep cheat.miller is definitely a rep cheat.miller is definitely a rep cheat.miller is definitely a rep cheat.miller is definitely a rep cheat.miller is definitely a rep cheat.miller is definitely a rep cheat.miller is definitely a rep cheat.miller is definitely a rep cheat.miller is definitely a rep cheat.miller is definitely a rep cheat.
Quote:
Originally Posted by Fingers66 View Post
Surely the money we are paying them for the games and DLC, which is a lot more than the annual fees we pay our banks, is enough to expect them to keep our details secure?
That would the argument that many people, myself included would say but clearly these companies are not prepared to spend the time, money and resources on data security, I wonder just how much money these companies make from online gaming as it can't be cheap to buy and maintain all the infrastructure.

I'd pay an extra say 5 a year for decent security and if the company still got hacked then they should have to give their customers some free gaming time, obviously it would not be popular but it was just a thought
miller is offline   Reply With Quote
Old 3rd Jul 2013, 17:50   #17
PabloFunky
Ultramodder
 
PabloFunky's Avatar
 
Join Date: Sep 2010
Location: UK
Posts: 1,165
PabloFunky is definitely a rep cheat.PabloFunky is definitely a rep cheat.PabloFunky is definitely a rep cheat.PabloFunky is definitely a rep cheat.PabloFunky is definitely a rep cheat.PabloFunky is definitely a rep cheat.PabloFunky is definitely a rep cheat.PabloFunky is definitely a rep cheat.PabloFunky is definitely a rep cheat.PabloFunky is definitely a rep cheat.PabloFunky is definitely a rep cheat.
Created reset password.

Now when i try to log in, it says my email or password is incorrect.

What now?
__________________
X58 UD9: I7 930: 4 Loop; Monster2
PabloFunky is offline   Reply With Quote
Old 3rd Jul 2013, 18:38   #18
coyote
Modder
 
Join Date: Dec 2004
Posts: 64
coyote has yet to learn the way of the Dremel
I get the same when I try a cancel my? account. What's really worrying is that I have never played a Ubisoft game on line or otherwise. I have also never opened a Ubisoft account. I don't play games, never have really bothered with them. How the hell did Ubisoft get my e mail address? Very worrying and they are not being helpful at all.

My now departed (died a few years ago) brother hated games, his illness made him very bad tempered and his version of hell was playing an on line game, so I'm sure it nothing to do with him.

Last edited by coyote; 3rd Jul 2013 at 18:45.
coyote is offline   Reply With Quote
Old 3rd Jul 2013, 18:41   #19
Eiffie
Supermodder
 
Join Date: Oct 2010
Location: Syosset, NY
Posts: 364
Eiffie is a hoopy frood who really knows where their towel is.Eiffie is a hoopy frood who really knows where their towel is.Eiffie is a hoopy frood who really knows where their towel is.Eiffie is a hoopy frood who really knows where their towel is.Eiffie is a hoopy frood who really knows where their towel is.Eiffie is a hoopy frood who really knows where their towel is.Eiffie is a hoopy frood who really knows where their towel is.Eiffie is a hoopy frood who really knows where their towel is.Eiffie is a hoopy frood who really knows where their towel is.Eiffie is a hoopy frood who really knows where their towel is.Eiffie is a hoopy frood who really knows where their towel is.
Got the e-mail about this as well early in the day as others have said. I don't really use UPlay anymore, not since Might & Magic Heroes 6 which I wish I could have fonder memories of. Changed my password anyway in case I need to use that service again. At least UPlay was pretty minimal and just did it's job when running along with steam. Maybe it's time to jump into Far Cry 3 later this year when the price drops.
__________________
I5-750 @ 4GHz - MSI P55-GD65 - 8GB Crucial DDR3 1600 - EVGA GTX 680 2GB - 1 Western Digital Black 1TB - 2 Western Digital Green 2TB - 700W Silverstone PSU - H50 Water Cooling Unit - Win7 64-Bit - Logitech G400 - Cooler Master QuickFire Pro MX Brown - Steelseries Icemat V2 - Blue Microphone Snowball - Logitech C920 Webcam
Eiffie is offline   Reply With Quote
Old 3rd Jul 2013, 20:08   #20
bawjaws
Hypermodder
 
Join Date: Dec 2010
Posts: 806
bawjaws is a Super Spamming Saiyanbawjaws is a Super Spamming Saiyanbawjaws is a Super Spamming Saiyanbawjaws is a Super Spamming Saiyanbawjaws is a Super Spamming Saiyanbawjaws is a Super Spamming Saiyanbawjaws is a Super Spamming Saiyanbawjaws is a Super Spamming Saiyanbawjaws is a Super Spamming Saiyanbawjaws is a Super Spamming Saiyanbawjaws is a Super Spamming Saiyan
As an aside, I really don't like the way you guys now constantly use "coughs to" instead of "admits to" or "teases" instead of "previews". Is it because you're trying to fit in with the cool crowd?
bawjaws is offline   Reply With Quote
Reply

Tags
hash, password, salt, security, ubisoft, uplay, username, vulnerability

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump


All times are GMT +1. The time now is 16:16.
Powered by: vBulletin Version 3
Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.