1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

News League of Legends breach leaks passwords, credit cards

Discussion in 'Article Discussion' started by Gareth Halfacree, 21 Aug 2013.

  1. Gareth Halfacree

    Gareth Halfacree WIIGII! Staff Administrator Super Moderator Moderator

    Joined:
    4 Dec 2007
    Posts:
    12,576
    Likes Received:
    1,903
  2. Guinevere

    Guinevere Mega Mom

    Joined:
    8 May 2010
    Posts:
    2,477
    Likes Received:
    170
    It does beg the question if the payment system hasn't been used since 2011 why did they keep the hashed CC details in the database?

    Code:
    UPDATE customers_table
    SET cc_hash = '<safe>'
    WHERE date < '1/1/2012' AND security = 'Security? What security!'
     
  3. runadumb

    runadumb New Member

    Joined:
    20 Jan 2010
    Posts:
    424
    Likes Received:
    5
    At this point hackers dictionaries are so large and complex that even passwords many believe to be secure get hacked in minutes.

    We need a replacement for passwords and we need it yesterday.
     
  4. WarrenJ

    WarrenJ Well-Known Member

    Joined:
    14 Oct 2009
    Posts:
    2,700
    Likes Received:
    204
    or just have a very strong password.
     
  5. runadumb

    runadumb New Member

    Joined:
    20 Jan 2010
    Posts:
    424
    Likes Received:
    5
    LordPyrinc likes this.
  6. Artanix

    Artanix puts the king in Lurking.

    Joined:
    10 Sep 2006
    Posts:
    135
    Likes Received:
    7
    I thought it's illegal for any merchant to keep transaction details for more than a short period of time?

    The record of the transaction itself is kept, but I thought you can't keep any sort of card/personal details on file for too long?
     
  7. LordPyrinc

    LordPyrinc Legomaniac

    Joined:
    7 Mar 2008
    Posts:
    596
    Likes Received:
    5
    Great link. Very enlightening. Scary, but informative.

    Requiring users to change their password on a frequent basis would also help to mitigate some of the risk. As is, most sites only require a change once a data breach has happened. By then it could be too late, especially considering how long some companies drag their feet before publicizing the breach and notifying its customers.
     
  8. runadumb

    runadumb New Member

    Joined:
    20 Jan 2010
    Posts:
    424
    Likes Received:
    5
    Changing your passwords frequently, in my experience, leads to lower security as you now not only have to remember dozens (at least) passwords but also come up with new ones and then remember them.

    Bearing in mind each should be at least 12 characters in length, use numbers and a combination of uppercase/lowercase letters spaced out and not just at the beginning or end of a word and not use names, films or anything else that is now in a hackers dictionary.

    Passwords suck is what I'm saying.
     

Share This Page