Telstra GameArena and GamesShop websites hacked
Telstra reset all user password because their sites were hacked.
They also have this message on their website home pages:
|
09:34am 24/05/12 Permalink
Wonder how many people use the same password for their email address. Then the hacker could just log into their email and get the new password etc.
|
09:56am 24/05/12 Permalink
So, how is everyone at Mammoth today? Yeah I don't think they are going to be finding much funny today...... |
10:17am 24/05/12 Permalink
Wonder how many people use the same password for their email address. Then the hacker could just log into their email and get the new password etc. Specifically, i have a totally and completely different password for my email and any forum login. This is mostly because in the olden days, PHP forums used to sell or their databases would be hacked just to get emails to spam mail the users. Or they'd just have really simple bots just going through passwords. But you'd see them trying to bruteforce attack accounts. Hence i have about 7 passwords; The really s***** password that would allow access to only really s***** things, websites that i never cared about, higher than that is a diverse set of passwords which aren't too important i use 3 mainly for forums i like, and emails that i like, my emails never have the same password as any forum (my username and my email can easily be linked :P, skythra at gmails and skythra at hotmails etc). Then finally i have stuff like my netbank passwords, paypall passwords etc. These things consist of letters and numbers and capital with an unusual character where i can. They're variations of the same theme, numbers and capitals just changed around. I have had this kind of 'layered' password security for a while probably since i was about 16. Though my passwords aren't the same lol. back then netbank and paypal didn't exist... actually i think they might have but i didn't have them. |
10:18am 24/05/12 Permalink
In the olden days your password was in the query string (in the url) of the forum, so when someone clicked a link on the forum to your page you could just record the referer and get their password.
I have a similar system to skythra, except my "s***** website" passwords are only 4 to 5 characters long. So it becomes very annoying when a "s***** website" decides it's an "oh so important security website" and makes you type in an 8 character password with letters, numbers, and other convoluted rules that don't fit into my system. last edited by thermite at 11:05:41 24/May/12 |
11:02am 24/05/12 Permalink
gamearena gave diablo 3 a 6.5 ? Finally a realistic review. |
11:44am 24/05/12 Permalink
11:45am 24/05/12 Permalink
news.com.au link just to annoy trog OK, man, that's just cruel now ... |
11:48am 24/05/12 Permalink
GameArena website hacked Didn't mammoth write some code for GA back in the day? - No surprises there then eh. |
11:53am 24/05/12 Permalink
i can't even remember what my gamearena password was
|
12:26pm 24/05/12 Permalink
Coolies, just changed my password. Now, is it too early to talk about some type of compensation or should I wait a bit?
|
02:32pm 24/05/12 Permalink
So it becomes very annoying when a "s***** website" decides it's an "oh so important security website" and makes you type in an 8 character password with letters, numbers, and other convoluted rules that don't fit into my system.my annoyance is when there's maximum length limits, eg battlenet and hotmail have a limit of 16 |
02:40pm 24/05/12 Permalink
So it becomes very annoying when a "s***** website" decides it's an "oh so important security website" and makes you type in an 8 character password with letters, numbers, and other convoluted rules that don't fit into my system. how dare they try and make your passwords more secure. |
02:51pm 24/05/12 Permalink
Oooooh apparently Mammoth Media were silent on the issue.....
http://www.zdnet.com.au/telstra-gamearena-hacked-35k-accounts-lost-339338507.htm not really adding anything to story here, just stirring the pot! |
04:29pm 24/05/12 Permalink
Was there a crossover in the qgl/GA logins at one point, because i seem to recall my GA account being made from my qgl one or something, but it was so long ago i may be mistaken.
So this may effect qgl as well? |
04:31pm 24/05/12 Permalink
how dare they try and make your passwords more secure. /Insert XKCD comic about passwords here. |
04:32pm 24/05/12 Permalink
Wow, that's a bit mean gamer. Pretty fair though. |
06:52pm 24/05/12 Permalink
Maybe this has to do with why I am seeing ad's even tho I am logged in
|
07:27pm 24/05/12 Permalink
Luckily my password for here was only ever used here.
but were you at least hashing the passwords ? if so with what (lawls if it is rot13) |
07:27pm 24/05/12 Permalink
Hope it works out ok for Mammoth and they can restore confidence for Telstra.
Last Telstra third party vendor that had security issue is on the short boat to replacement. |
09:03pm 24/05/12 Permalink
Gamearena rocks yo. Also, giving rot to the virtual pioneers of the on and offline gaming world in Aus and have remained on the edge ever since is a bit harsh, and on a site they let you post on to boot! Armchairs are comfortable though I guess. (/Tony Greig voice) :p
|
10:26pm 24/05/12 Permalink
Luckily my password for here was only ever used here. well derr, even if all they got was the hashed passwords you'd still forcefully change everyone's passwords ... no point waiting around for them to brute force the ecryption. |
11:30pm 24/05/12 Permalink
Was there a crossover in the qgl/GA logins at one point, because i seem to recall my GA account being made from my qgl one or something, but it was so long ago i may be mistaken. yeah, oldschool qgl'ers would have had the same account under GA and qgl I think. I know my passwords were the same but then they went separate. Hence i have about 7 passwords; The really s***** password that would allow access to only really s***** things, websites that i never cared about, higher than that is a diverse set of passwords which aren't too important i use 3 mainly for forums i like, and emails that i like, my emails never have the same password as any forum (my username and my email can easily be linked :P, skythra at gmails and skythra at hotmails etc). Then finally i have stuff like my netbank passwords, paypall passwords etc. These things consist of letters and numbers and capital with an unusual character where i can. They're variations of the same theme, numbers and capitals just changed around. Every site I sign up to has a different password, all my emails are different too. |
08:38am 25/05/12 Permalink
Hope it works out ok for Mammoth and they can restore confidence for Telstra. Yeah, that was my first thought as well. |
09:57am 25/05/12 Permalink
I have been giving this some thought - as you do, and am seriously interested as to who/m is responsible for this heinous event and their motives - it's not like it's an everyday event in Inarweb world and some sites are stating that it's one of the worst ever, comparing it to the Sony hack and saying it supersedes it etc? Part of me wishes I was still in the know so I could understand it all TBH.
They should be in phe4r of lawful retribution though, that is for sure - this kind of behaviour carries quite a significant period of incarceration these days, right? Sort of scary that at the push of the button people/1(one) person can have such a powerful influence over firms/people/corporations' reputations/finances etc, even more so when you consider the tech prowess of the people on the receiving end in this instance. I hope it never happens to my business/es TBH. *wishes for a swift resolution* :( ;) |
01:02pm 28/05/12 Permalink
Didn't they get credit card details in the Sony one? And hundreds of thousands of accounts? That sounds many magnitudes worse to me.
|
01:18pm 28/05/12 Permalink
Not really Jc, it was simply username/passwords with no credit card details. I don't know why the media is convincing people that this is worse then Sony when they actually lost PSN accounts, credit card details etc. Maybe its just Telstra, and thus the warranted hate ensues?
|
01:26pm 28/05/12 Permalink
Hay guys lets post some dirty stuff while the admins are busy.
|
01:42pm 28/05/12 Permalink
did telstra list all their bigpond users info on the net last year?
|
03:02pm 28/05/12 Permalink
did telstra list all their bigpond users info on the net last year? yeah, an internal page was accessible online, people had access to account info including account password.. |
03:05pm 28/05/12 Permalink
still no email telling me to change my ga password
|
12:34am 29/05/12 Permalink
still no email telling me to change my ga password do you still have your bigpond email address? that's what I see when I look at your GA account |
12:49am 29/05/12 Permalink
Thanks for the heads up Khel and Eorl (how is your dream job going btw?). I take it all with a grain of salt TBH and like hearing info from the horses mouth. I too was thinking that it was the uber punch behind the Telstra brand that drew so much attention despite the fact that the breach was relatively low level and there must have been layered protection or something? Why didn't they go the full malicious monty though? Shrugs, it is amazing how quickly stuff changes in this world - I spent the better part of 25 years at least 5 hours a day on the puteys and despite having a formal qualification ontop of that I feel like I'm only qualified to service Vn Commodores or Ea Falcons, lawls. :)
|
05:31am 29/05/12 Permalink
I also have no had an email informing of the hack and to change my password.
|
08:35am 29/05/12 Permalink
like hearing info from the horses mouth. I'm pretty sure that the "masters of the www" have legal advice to shut their pie holes. Which would be fair advice. http://i.imgur.com/vEgg1.png I hope they have a theme song. |
01:12pm 29/05/12 Permalink
Obviously Skeletor is finally coming good on his plans to invade Catle Greyskull
http://i.imgur.com/FW1KM.png |
01:13pm 29/05/12 Permalink
Hahah typo you are such a f*****.
This is my favorite picture from the site http://www.mammothmedia.com.au/about-us/the-mammoth-team/david-harrison http://www.mammothmedia.com.au/about-us/the-mammoth-team/~/media/Images/Staff/profileshots/20110826AR_0370v1.ashx It is clear mammoth is having financial difficulties, just checkout the car evaluation thread. Nah jokes I am just messing about. |
02:03pm 29/05/12 Permalink
Trog always looks like a criminal
- A pirate with a bandana - A thug with a hoodie - A catburglar with nightvision goggles |
02:13pm 29/05/12 Permalink
- A cat5 burglar with nightvision goggles |
02:25pm 29/05/12 Permalink
- A studious cat5 burglar with nightvision goggles |
02:37pm 29/05/12 Permalink
Probably uses the cat5 to climb between buildings.
|
05:11pm 29/05/12 Permalink
do you still have your bigpond email address? that's what I see when I look at your GA account hmmm which one? I do have a bigpond email that I've had for ages but... BUT! I did have a different one ages ago because after we signed up, they brought in that 3gig cap thing so I pissed them off and when they got rid of it I came back. I'll go check the account settings & see if it's the right one. edit: tried to log in, told me I was using my old password and that I can click a link to reset it. worked like a charm. It's got my correct email btw. |
05:24pm 29/05/12 Permalink
Hahah typo you are such a f*****. But am I the master of the f*****s? If so, I should get a cape with a big QGL with it on. I'm also very interested in digital civil liberties and enjoy keeping up with the latest developments in law as it relates to issues such as copyright, privacy and security. Obviously that doesn't mean internet security, but rather the Scrooge McDuck vault that he keeps his money bags from QGL LANs. EDIT: Can't spell Scrooge. last edited by typo at 17:30:36 29/May/12 |
05:27pm 29/05/12 Permalink
Isn't typo like a disgruntled ex-QGL admin?
|
07:06pm 29/05/12 Permalink
Trog 'the male model' Sutcliffe!? :p
|
10:34pm 29/05/12 Permalink
I might have found an error with the second line. Should that be "experienced"? My grammar skills are horrible so I could be wrong.
http://www.members.optushome.com.au/gpahl/mammoth.jpg |
11:03pm 29/05/12 Permalink
I might have found an error with the second line. Should that be "experienced"? My grammar skills are horrible so I could be wrong. Thanks Rev, fixed that up... |
10:55am 30/05/12 Permalink
