8 million passwords leaked from Gamigo gaming service

A cyber attack on the Gamigo PC online gaming service a few months ago has resulted in eight million passwords and email addresses from the service finding their way to a public website. Gamigo first reported the cyber attack in March and forced all of its users to change their passwords at that time.

Forbes.com reports that the massive list of passwords was posted on the Inside Pro message boards, which is a haven for password cracking hackers. While the passwords from Gamigo were hashed when they were posted on the forums, it appears that the passwords could still be deciphered by hackers. The list of passwords has since been removed by the message board.

While Gamigo did make all of its users change their passwords at the time the cyber attack was found, it's more than possible that a number of those passwords may have been reused by Gamigo's customers for other online accounts. Anyone who uses the service and was forced to create a new password a few months ago should make sure their old Gamigo password is not being used by any other online service they may be subscribed to.

So far, Gamigo has yet to comment on this password list becoming public.

Source: Forbes.com

Report a problem with article
Previous Story

Microsoft "Cool Is in Session" sweepstakes launched

Next Story

New Zealand piracy halved by the three strike law, the industry says

4 Comments

Commenting is disabled on this article.

Usually I'm not the first to call for such things, but boy, we need some laws covering these things that put clear guidelines for companies how to
•prevent
•how and where to communicate
•how quick to communicate
•pay charges on violation

GS:ios

Glassed Silver said,
Usually I'm not the first to call for such things, but boy, we need some laws covering these things that put clear guidelines for companies how to
•prevent
•how and where to communicate
•how quick to communicate
•pay charges on violation

GS:ios

In the UK they already exist - it's the data protection act.

dangel said,

In the UK they already exist - it's the data protection act.

And in the UK and the US like every-where else, it's universally ignored.
In fact, go look at faceparty, they seem to say they work with the governent and thawrte yet they don't have SSL, nor process payments, and the ICO doesn't have any details for them, have they been prosecuted? No.