Hard on the heels of the Clash of Kings hack, an attacker has reportedly hit the popular online multiplayer game Dota 2, managing to compromise almost two million accounts.
The heist was carried out on a Dota 2 member forum on July 10, with the perps making off with user names, emails and IP addresses. The hit has just come to light thanks to a copy of the leaked database showing up on breach notification site LeakedSource.com.
The data also includes hashed passwords that use the outdated MD5 algorithm—but a member of the LeakedSource group told ZDnet that 1.54 million of the passwords—or about 80%—have already been unscrambled using “rudimentary and run-of-the-mill cracking tools.”
"Data persists, so even if you’ve taken steps to protect that information, hackers may have the tools to negate these defenses six months, one year or three years down the line. If you do the bare minimum now, this won’t do you any good in six months’ time. Simple hashing of passwords isn’t enough—using strong encryption should be a prerequisite for any organization handling account information” said Jacob Ginsberg, senior director, Echoworx.
READ FULL STORY ...