>
An anonymous hacker published two posts on the player forum of Runes of Magic, one early on the 13th of January, and the other during the course of the 14th of January 2011, in which he threatens to publish customer data and internal company information. To reinforce his claims for changes to forum policy and some of the technical aspects of the game’s operation, he publicly posted the login details of around 2,000 players. To protect the affected players, the posts in question were immediately removed and secured as evidence by Frogster. This attack constitutes a serious criminal offence and Frogster immediately informed the German State Office of Criminal Investigation.
The data released consisted of logins registered in 2007. Frogster immediately blocked the compromised accounts on a temporary basis (account management, forum, and game access) and has personally informed the affected players about how they can reinstate their accounts and the reason for the suspension. As a precaution, Frogster calls for all players to change their game-, forum-, and payment system passwords.
Once the hack had been discovered, Frogster immediately assembled a task force and is currently using everything at its disposal to investigate this situation. Right after the publication of the attack, Frogster systematically inspected all of its systems for weak spots and backdoors and implemented new firewalls, new user privileges and passwords, as well as introducing further security measures.
Frogster takes protecting its players from these types of risks and threats very seriously and uses all means to contain and prevent them. At the same time, the publisher is pushing on with its continual process of expanding and optimising its technical infrastructure.
Regarding the claims of the attacker, Frogster emphasises that its team is always open to constructive criticism and suggestions for improvement. However, the company considers blackmail attempts, which put the privacy and security of players in danger to be wholly unacceptable and will not concede to them. Frogster’s approach to forum policy is very much in line with the industry and follows the forum rules which are publicly available to all users: https://forum.runesofmagic.com/announcement.php?f=64&a=82. Frogster does only intervene in cases of severe breaches of these regulations. Certain technical aspects of the game operations are subject to legal requirements, and there are other aspects over which the Berlin-based games publisher has no direct control.
Players unaffected by the attack can continue to log into and play Frogster’s online games as normal. On Friday, Frogster provided its player community with the following statement:
Frogster’s community management and customer support teams are available to answer any questions their players may have. A forum thread has also been set up to act as the central point of information for general security queries which can be found here:
In the interests of data privacy, Frogster asks representatives of the media strictly not to publish any of the player data released by the hacker, or publish any pictures which make this content visible, nor to embed the hacker’s videos into articles, nor provide links to these videos.
MMORPG UK 