| schimmetje Netherlands. June 11 2012 19:03. Posts 1045 | Profile # |
Just a friendly PSA, sorry if it was already mentioned elsewhere. Time to change em passwords!
Riot Games' League of Legends is the latest hacking victim, with the company confirming that personal player information in Europe has been accessed by an unknown assailant.
Hackers gained access to email addresses, encrypted passwords, and some names and security question answers. The company was keen to stress that no payment or billing information was accessed at all.
source |
| | Change to MY nostalgia? UNACCEPTABLE! Monkey paaaw! |
|
|
| grs Germany. June 11 2012 19:11. Posts 1422 | Profile Blog # |
| Remember to change the pw on all sites where you might use the same or a similar pw too. This is no hoax and has hit a multitude of websites and there are for sure some you use too. Last edit: 2012-06-11 19:11:55 |
| |
|
| Teliko Ireland. June 11 2012 20:22. Posts 990 | Profile # |
The day I got the warning email from riot, I also got this email from gmail
Gavan, Someone recently tried to sign in to your Google Account. We prevented the sign-in attempt in case this was a hijacker trying to access your account. Please review the details of the sign-in attempt: Saturday, June 9, 2012 7:14:38 PM GMT IP Address: 37.232.22.18 Location: Georgia If you do not recognize this sign-in attempt, someone else might be trying to access your account. You should sign in to your account and reset your password immediately. Find out how at http://support.google.com/accounts?p=reset_pw
Luckily I use different passwords for most things, but people really should reset their passwords and not overlook this.
|
| | Add a drop of lavender to milk, leave town with an orange and pretend you're laughing at it. |
|
|
| schmutttt Australia. June 11 2012 20:34. Posts 1585 | Profile # |
| Good thing my account is the only one I use BOOTYSMAKARAX on. |
|
|
| RouaF France. June 11 2012 21:07. Posts 664 | Profile # |
On June 11 2012 20:22 Teliko wrote:The day I got the warning email from riot, I also got this email from gmail
Show nested quote +Gavan, Someone recently tried to sign in to your Google Account. We prevented the sign-in attempt in case this was a hijacker trying to access your account. Please review the details of the sign-in attempt: Saturday, June 9, 2012 7:14:38 PM GMT IP Address: 37.232.22.18 Location: Georgia If you do not recognize this sign-in attempt, someone else might be trying to access your account. You should sign in to your account and reset your password immediately. Find out how at http://support.google.com/accounts?p=reset_pw
Luckily I use different passwords for most things, but people really should reset their passwords and not overlook this.
Was your password complicated ? like how much characters and numbers/special characters ? Because since the passwords were encrypted they could only steal the hashes. Cba changing my pass I don't think they can bruteforce it/rainbowtable it. |
|
|
| Slayer91 Ireland. June 11 2012 21:14. Posts 8813 | Profile # |
| What? How did this happen? Seems awfully sudden. |
| |
|
| Shikyo Finland. June 11 2012 21:21. Posts 20126 | Profile Blog # |
| Hmh, my password is 12+ characters of numbers and letters and symbols and I don't think they're going to un-encrypt it anytime soon |
| | "I shall wait for you in death's halls, my Love (love love love love~)" |
|
|
 Silidons United States. June 11 2012 21:25. Posts 2785 | Profile Blog # |
On June 11 2012 21:21 Shikyo wrote:
Hmh, my password is 12+ characters of numbers and letters and symbols and I don't think they're going to un-encrypt it anytime soon
you realize they hacked the data files on riots side right |
| | "God fights on the side with the best artillery." - Napoleon Bonaparte |
|
|
| Shikyo Finland. June 11 2012 21:30. Posts 20126 | Profile Blog # |
On June 11 2012 21:25 Silidons wrote:
Show nested quote +On June 11 2012 21:21 Shikyo wrote:
Hmh, my password is 12+ characters of numbers and letters and symbols and I don't think they're going to un-encrypt it anytime soon
you realize they hacked the data files on riots side right
yeah
Going to likely be not worth their time as there's a lot of people with passwords like "hi123" that are far easier pray. If they steal my acc I just recover it and what can they do? Lose 100 elo? Last edit: 2012-06-11 21:31:32 |
| | "I shall wait for you in death's halls, my Love (love love love love~)" |
|
|
| grs Germany. June 11 2012 21:43. Posts 1422 | Profile Blog # |
On June 11 2012 21:25 Silidons wrote:
Show nested quote +On June 11 2012 21:21 Shikyo wrote:
Hmh, my password is 12+ characters of numbers and letters and symbols and I don't think they're going to un-encrypt it anytime soon
you realize they hacked the data files on riots side right
He is right. They got the hashed passwords and need to find the passwords cleartext by dictonary or brute force. A 12+ character pw is pretty safe unless it is in a dictonary or an easy to guess derivate.
Edit: They can't unencrypt them.Last edit: 2012-06-11 21:44:17 |
| |
|
| dakalro Romania. June 11 2012 22:14. Posts 516 | Profile # |
| Breaking hashes doesn't rely on unencrypting passwords, it relies on finding one other (or same) string that generates the same hash. If the hash Riot used was md5, then it's not that difficult, depending on how much they want to break them. |
|
|
| Teliko Ireland. June 11 2012 22:45. Posts 990 | Profile # |
On June 11 2012 21:07 RouaF wrote:
Show nested quote +On June 11 2012 20:22 Teliko wrote:The day I got the warning email from riot, I also got this email from gmail
Gavan, Someone recently tried to sign in to your Google Account. We prevented the sign-in attempt in case this was a hijacker trying to access your account. Please review the details of the sign-in attempt: Saturday, June 9, 2012 7:14:38 PM GMT IP Address: 37.232.22.18 Location: Georgia If you do not recognize this sign-in attempt, someone else might be trying to access your account. You should sign in to your account and reset your password immediately. Find out how at http://support.google.com/accounts?p=reset_pw
Luckily I use different passwords for most things, but people really should reset their passwords and not overlook this.
Was your password complicated ? like how much characters and numbers/special characters ? Because since the passwords were encrypted they could only steal the hashes. Cba changing my pass I don't think they can bruteforce it/rainbowtable it.
It definitely wouldn't have been bruteforced. 13 characters, alternating letters and numbers. Random gibberish. Never had any of my accounts for anything compromised before. |
| | Add a drop of lavender to milk, leave town with an orange and pretend you're laughing at it. |
|
|
| LaNague Germany. June 12 2012 00:43. Posts 2976 | Profile # |
| are you kidding me, that was the only email adress i used that was not known to spammers and the one i use for my internet accounts. Fucking great, now i can change freaking EVERYTHING. |
|
|
| Slayer91 Ireland. June 12 2012 05:26. Posts 8813 | Profile # |
Yeah I don't have anything on real value on that password the worst they can do is tank my elo under 2.3k lol.
I guess I better change it eventually.
I'd so fucking glad I don't use same PW as my d3 account.......... |
| |
|
| |
|
Store
