Warning to Players: it appears DDO had a Security Breach

[LevelJ]

So I found out through a family member who also plays DDO that he discovered via a news report that there was a security breach in various sites, and after checking he and I discovered that both our info had been compromised on DDO. I haven't seen anything from SSG on this, so wanted to spread the word so people can take the necessary precautions to avoid security issues.

EDIT: Here's the source for the news article my family member found this on: https://www.waaytv.com/content/news/...504556831.html

EDIT 2: It appears the site is still displaying the breach from 2013 and that this one is NOT tied to the one that occurred more recently for other sites (as mentioned by Lynn below). Apologies for the misunderstanding.

-Jayron

[Arkat]

Link plz.

[Memnir]

[LevelJ]

Link plz.

https://www.waaytv.com/content/news/...504556831.html is where my family member found it, originally via a tweet of theirs. When we both checked to verify if our info was compromised, DDO was listed.


-Jayron

[Lynnabel]

https://www.waaytv.com/content/news/...504556831.html is where my family member found it, originally via a tweet of theirs. When we both checked to verify if our info was compromised, DDO was listed.


-Jayron

https://haveibeenpwned.com/PwnedWebsites

The breach in question did absolutely occur, but in April of 2013. You can search for DDO (ctrl-f and "Dungeons" will get you there on the above link) to check the details. That being said, a strong password is very important, and there is no harm at all in being overprotective of your digital data. I'd recommend a password manager to generate secure passwords, and using 2-factor authentication with whatever password manager you go with. I believe the Chrome browser has recently started suggesting secure passwords via auto-fill, and taking advantage of those is very easy.

[SiliconScout]

So I found out through a family member who also plays DDO that he discovered via a news report that there was a security breach in various sites, and after checking he and I discovered that both our info had been compromised on DDO. I haven't seen anything from SSG on this, so wanted to spread the word so people can take the necessary precautions to avoid security issues.

EDIT: Here's the source for the news article my family member found this on: https://www.waaytv.com/content/news/...504556831.html


-Jayron

Gonna assume that this link goes to have I been powned. Turbine did have a breach but it was 5 or 6 years ago as I recall. I don't believe any passwords were taken but they suggested / required a password change at the time. I don't honestly recall that clearly. I do recall that there was no billing / CC data taken and that was all that mattered to me as I use a different password for every site / logon that i have so I just changed my password at the time.

I think if there was a new breach SSG would be notifying people. They would legally be required to in many jurisdictions that they operate in.

**edit** I should have read the thread before replying I guess eh! Looks like I was right at least, if redundant.

[LevelJ]

https://haveibeenpwned.com/PwnedWebsites

The breach in question did absolutely occur, but in April of 2013. You can search for DDO (ctrl-f and "Dungeons" will get you there on the above link) to check the details. That being said, a strong password is very important, and there is no harm at all in being overprotective of your digital data. I'd recommend a password manager to generate secure passwords, and using 2-factor authentication with whatever password manager you go with. I believe the Chrome browser has recently started suggesting secure passwords via auto-fill, and taking advantage of those is very easy.

Ah, if that's the case than it's not the same as the recent one. Admittedly I had changed my passwords back then when that happened, so when I saw this and DDO was mentioned I thought it was a new one.

Apologies for causing a ruckus.

[Jerevth]

Ah, if that's the case than it's not the same as the recent one. Admittedly I had changed my passwords back then when that happened, so when I saw this and DDO was mentioned I thought it was a new one.

Apologies for causing a ruckus.

Kudos for accepting responsibility and updating the OP. I'd give you rep but I have none to give.
If nothing else I'm considering changing my password to something tougher than it is now; why give my wife more ammo to try and take away my favorite(and only) vice. (Coffee and bacon are already severely restricted.) I swear that woman was an artificer in a past life; always on repeater.

Lynnabel: if we remove our credit information from the auto-renewal for subscriptions, does it remove that from your database or merely unset a flag for the renewal?

[Andu_Indorin]

https://haveibeenpwned.com/PwnedWebsites

The breach in question did absolutely occur, but in April of 2013. You can search for DDO (ctrl-f and "Dungeons" will get you there on the above link) to check the details. That being said, a strong password is very important, and there is no harm at all in being overprotective of your digital data. I'd recommend a password manager to generate secure passwords, and using 2-factor authentication with whatever password manager you go with. I believe the Chrome browser has recently started suggesting secure passwords via auto-fill, and taking advantage of those is very easy.

Very good to see a prompt response from a responsible authority. Thanks!

[Memnir]

Apologies for causing a ruckus.

No ruckus, and no apologies needed at all.

I just personally prefer to read about security breaches for myself, hence my post above. But, my passwords needed refreshing - and this was a reminder to do so and I've now done so. You had our best interests at heart, and it's appreciated.