Ubisoft Hacked, User Accounts Compromised

[exfileme]

No credit card information was obtained, claims Ubisoft.

Ubisoft Hacked, User Accounts Compromised : Read more

 

[alchemy69]

I got an e-mail from ubisoft this morning about this very thing. I assumed it was phishing scam as I don't remember ever having had an ubisoft account.

 

[majudhu]

Websites should let us authenticate with an OpenPGP signed message

 

[Jim90]

I also got an email this morning.
Why do sites such as these still persist on having some personal information unencrypted - why not encrypt ALL personal information? (email, passwords, etc).
Is it really such a big deal to do this?

Obviously, if they get hold of the 'key' then that's another matter (but maybe allows for more trackability for such investigations).

 

[cats_Paw]

Exactly why i dont put my credit card data on those services.
I dont care much if they get my E-Mail since i use one for all that crap and another for important things.

As far as i see it, Ubisoft might have done it themselves to sell personal data to ad companies. There is no way to tell. Or how exactly do i get ads from some new E-mail account i just created that i only used to create a Ubisoft/EA/Sony account?

 

[__-_-_-__]

"Obviously, if they get hold of the 'key' then that's another matter (but maybe allows for more trackability for such investigations). "

how it would allow more trackability? it wouldn't.
encrypted passwords can be cracked.

 

[ZippyPeanut]

ANOTHER reason I resent always-online DRM. To play Far Cry 3, I must have an account with Ubisoft, which is trouble enough. Now this shit happens, and I have to worry about my account being hacked and have to change my password--just to play a video game.

 

[MolsonsX]

What a complete hassle this was because I have 2 accounts with them (UBI Soft). I changed passwords on both accounts as per instructions and ended up being locked out of both when trying to log in to uPlay.
But finally after much stress over lost game$ I was able to log in and all is good, at least for now. I guess non of us are safe from those that would like to steal our personal info. Thank God they weren't able to get banking and credit card info....

 

[koga73]

@Jim90

If everything were encrypted it would take a huge amount of processing power on servers whenever inserting or selecting from databases. Passwords are hashed and Credit Card numbers are encrypted. Allow me to explain the difference. Hashes are simply a checksum. They cannot be decrypted because they are not encrypted in the first place. Think of a hash of being something like if you were to assign each letter in a password a specific value, add them all up and take their character position into consideration. You would have a unique "hash" that represents the password but contains no information pointing back to it. Password hashes are cracked by comparing hashes and trying to find a match. Credit card data on the other hand is encrypted because at some point it needs to be decrypted to process a new transaction.