Lulzsec lets Bethesda know they were hacked weeks ago, Bethesda confirms
The hacktivists group known as Lulzsec has seriously been making themselves quite the lengthy resume; hacking big wig companies like Sony, Nintendo, Fox, PBS, the US Senate’s sites, and now Elder Scrolls developer, Bethesda. Giving the sign of triumph, through a recent tweet the group let everyone know, Bethesda included, what had been accomplished and that they’ve had accessed to Brink’s over 200,000 member userbase for weeks now. And all with the developer not even being aware of it.
As is the custom, Lulzsec issued a release on their site showing in plain site the damage that’d be done:
Lulzsec
Official twitter account“Greetings Internets,
This is a story all about how we made Bethesda Softworks, ZeniMaxMedia, and everything they own, our bitch for life.
As you should know, The Lulz Boat stores vast amounts of booty;much of this booty we don’t release as it’s simply too shiny and/ordelicious. As of late, certain inferior sailing boats have discoveredflaws in Brink (brinkthegame.com), thinking themselves exciting and new.
Too late. The Lulz Boat controls this ocean, chumps.
Some weeks ago, we smashed into Brink with our heavy artillery LulzCannons and decided to switch to ninja mode. From our LFI entry point,we acquired command execution via local file inclusion of enemy fleetApache vessel. We then found that the HTTPD had SSH auth keys, whichlet our ship SSH into other servers. See where this is going?
We then switched to root ammunition rounds.And we rooted… and rooted… and rooted…
After mapping their internal network and thoroughly pillaging all oftheir servers, we grabbed all their source code and database passwords,which we proceeded to shift silently back to our storage deck.
Please find enclosed everything we took, excluding one thing -200,000+ Brink users. We actually like this company and wouldlike for them to speed up the production of Skyrim, so we’llgive them one less thing to worry about. You’re welcome! :D
Please keep making awesome games, guys, and you shouldtotally add an official LulzSec top hat to new releases.
But anyway, bwahahaha… >:]”
Like most attacks done by Lulzsec there’s not a whole lot of commotion going on in terms of stolen credit cards or things fo that nature. Stating simply that they did it ‘cause they could, Lulzsec has sorta been playing the role of internet Batman, patroling the streets making sure everything is safe and sound — a vigilante if you will. Not really a bad guy, but not playing by the roles in any sort of means.
In response, Bethesda had this to say via its official blog:
“Over the past weekend, a hacker group attempted an unlawful intrusion of our websites to gain access to data. We believe we have taken appropriate action to protect our data against these attacks. While no personal financial information or credit card data was obtained, the hackers may have gained access to some user names, email addresses, and/or passwords. As a precaution, we recommend that all our fans immediately change passwords on all our sites — including our community forums, statistics site for Brink, and here on the blog.
If your username/email address/password is similar to what you use on other sites, we recommend changing the password at those sites as well. As we don’t know what further plans the hackers may have, we suggest that you keep an eye out for suspicious emails and account activity.
We regret any inconvenience that these attacks on us cause for you. These attacks will be evaluated to determine if there are any additional protections we might take that would be prudent.”
Some of lulzsecs action have been a little playful, and at other times excessive, but this might wake Bethesda up and realize it’s time to invest in some stronger security for its users and in turn their privacy.