| Mail |

You might also like: WoW Insider, Massively, and more

More Sites You Might Like

/ Register

Joystiq

Battlefield Heroes Beta applicants exposed in security breach

by Griffin McElroy on Jun 14th 2008 3:00PM

If you're one of the many applicants for the Battlefield Heroes beta, you've probably been informed of this via a somber mass email, but QA Boss, the organization in charge of registration for said beta test, has experienced a security breach which "exposes QA Boss forum user names, email addresses and encrypted passwords." The cause and extent of the breach, and who, if anyone, did the breaching, we've yet to learn -- nor do we know if it will affect the progress of the beta test.

QA Boss advises everyone who uses a single password for all their important logins, and used said password in the Battlefield Heroes beta signup, should probably change that password as a precautionary measure. Too bad, as our previous cipher was nigh uncrackable -- "drowssaP". It's "password" backwards! Brilliant, right?

[Thanks to everyone who sent this in!]

Tags: PC

Reader Comments (39)

i really should stop using my bank pin for passwords...

It's the price of a pizza and a large soda at Panucci's pizza right? $10.77?

Good show sirs.

That dog will haunt me till the end of time.....

I waited for you Fry.....

Spy sappin' mah bank funds!

And FYI,this game doesn't look like TF2.

I got that nice little email. I don't use a single password. So it's all good in the hood. If they used one way hashing, they should be unable to 'crack' the encryption on the passwords, it all comes down to brute force.

They really should just accept everyone that applied at this point. I'd be very upset if my information was compromised for nothing!

agreed

Yeh, cant believe all that and i'm STILL not in the beta.

Typical

Same, I'll have to go change a few passwords and still no E-mail telling me what's happened!

This is why I always put in phony info in stuff like this.

When I saw the e-mail I had no idea what I signed up for QA Boss forums for until I saw this article

yeah, seriously. I thought it was for one of those forums i signed up for to download something and then immediately forgot :/

Same. All I know is I better be in after this crap.

I'm one of the lazy ones who use the same/similar password for most everything:(

Yeah fuck that.

If something serious happens with my password, I can just sue, right?

Less effort than using a new password when I've had the same one for everything since 5th grade.

Argh, now I have to go round and change all my passwords. I best get in the beta after this kerfuffle.

Wait...did I sign up for this or no? I can't remember! I got no email either.

Dr0wS54P is more better :D

What is this, the poor man's TF2?

Well Since TF2 is so inexpensive. I would prefer to look at it as an alternative. Free is always better.

Not really, the gameplay is rather different than TF2's.

oh shit, i thought that email was phishing

This type of thing is why I almost never buy anything with a credit card online.

Hah.. I'm glad I didn't sign up for this piece of crap. Good going, QA Boss. Quality Assurance my ass.

QA Boss - irony strikes again. You gotta be kidding me. Now 50% of all the beta signups I've ever entered have had a security breach.

Hopefully there won't be any "Flagship Studios' servers hacked" headlines. I'll leave it to you to figure out which other beta I signed up for.

You must be kidding me? How did that happen, well time to change all my email and what not passwords, shit. EA Games better make this Beta pretty fing amazing if they think it's fine to send out our passwords.

Whoah, i have no email. does this mean i'm good?

If you signed up there, then you were exposed.

Perhaps you signed up with a different email addy or it's getting sent to your spam box.

*sigh* Seriously? A breach? WTF... how can you not know how to properly secure something like that. Even with password encryption, the hashes can be easily cracked. Thanks EA, I just spent a fucking hour changing my passwords and updating them in my password manager...

Everyone from Reddit to Mastercard has had a security breach. And the guys deserve credit for at least having the passwords encrypted unlike *some* people.

How seriously should this be taken? I'm sure many signed up, what do you think the chances are of them finding my online accounts? Should I go all out on password resets? I have so many online accounts I can't count them.

AFAIK, it was related to an old version of the bug tracking system Mantis they were using. Version 1.1.1 has both a "promote any user to administrator" vulnerability and a "execute arbitrary php" vulnerability.

So....who is in? :D

I always try and think of a unique password for stupid things like this, places that I know I wont be using everyday. For this one it was EAsucks... Rather fitting, no? lol

random email addon for firefox ftw

If they were morons and simply stored md5 hashed passwords, then this could will lead to some compromised accounts since reverse md5 databases exist.

If they were smart and added some salt to the hash, (i.e. password concatenated with "heroes", then run md5 on that) the encrypted passwords are worthless unless they can figure out what the salt was. Better yet, they would use some unique salt, such as the username so that an md5 database would not be helpful. I didn't have an account, but if I did, I would want to know this bit of information.

Oh man, for a minute I thought about using my secure password for this thing.

MOTHER......briliant idea mofo now we will have to wait even more for beta now.do evry1 a favor and jump of a 60 stroy toilet and explode into a bazillion bits!!!

Sorry, you must be logged in to leave a comment.

Breaking News

Battlefield Heroes Beta applicants exposed in security breach

Reader Comments (39)

Posted: Jun 14th 2008 3:24PM Top Cat said

Posted: Jun 14th 2008 3:32PM monkeyssuck said

Posted: Jun 14th 2008 7:03PM BananaBoat said

Posted: Jun 14th 2008 7:38PM Hydralisk456 said

Posted: Jun 14th 2008 8:20PM (Unverified) said

Posted: Jun 14th 2008 3:33PM ultimateq said

Posted: Jun 14th 2008 3:42PM (Unverified) said

Posted: Jun 14th 2008 3:50PM SirDigby337 said

Posted: Jun 14th 2008 4:05PM (Unverified) said

Posted: Jun 14th 2008 4:07PM (Unverified) said

Posted: Jun 14th 2008 4:07PM Giantenemycrab said

Posted: Jun 14th 2008 4:36PM (Unverified) said

Posted: Jun 14th 2008 5:04PM Marzz said

Posted: Jun 15th 2008 12:44AM anoffday said

Posted: Jun 14th 2008 4:10PM WiiFTW said

Posted: Jun 14th 2008 7:37PM (Unverified) said

Posted: Jun 14th 2008 4:49PM Omega Aero said

Posted: Jun 14th 2008 4:56PM wellsley said

Posted: Jun 14th 2008 5:37PM mundox said

Posted: Jun 14th 2008 6:57PM (Unverified) said

Posted: Jun 15th 2008 2:19AM ultimateq said

Posted: Jun 15th 2008 1:31PM Lijik said

Posted: Jun 14th 2008 6:58PM (Unverified) said

Posted: Jun 14th 2008 7:06PM BananaBoat said

Posted: Jun 14th 2008 7:13PM Ignatius said

Posted: Jun 14th 2008 7:29PM (Unverified) said

Posted: Jun 14th 2008 7:39PM SpaceSpace said

Posted: Jun 14th 2008 8:01PM (Unverified) said

Posted: Jun 14th 2008 10:22PM IcedEagle said

Posted: Jun 14th 2008 8:25PM (Unverified) said

Posted: Jun 15th 2008 6:37AM (Unverified) said

Posted: Jun 14th 2008 11:13PM (Unverified) said

Posted: Jun 14th 2008 11:14PM (Unverified) said

Posted: Jun 14th 2008 11:28PM (Unverified) said

Posted: Jun 15th 2008 9:41AM squeevi said

Posted: Jun 15th 2008 10:18AM juju187 said

Posted: Jun 15th 2008 11:28PM (Unverified) said

Posted: Jun 16th 2008 11:46PM (Unverified) said

Posted: Aug 3rd 2008 5:40AM (Unverified) said

Info

Description

MSRP

Release Date

Genre

Developer

Publisher

Rating

Breaking News

Double Fine Kickstarter passes $1 million in under 24 hours, breaking yet another record

Featured Stories

Ghost Recon: Future Soldier brings information warfare to the front

Rhythm Heaven Fever review: Crazy into you

Remedy not done with Alan Wake

The most popular postsin the last 7 days

Engadget

TUAW

Massively

WoW

The most popular posts
in the last 7 days