Site Update: Community Blogs patches *incoming*   |   Report a bug

Codemasters website hacked last week, now they tell us

10:55 AM on 06.10.2011

You may have gotten an email today from Codemasters about this, even though perhaps you don't remember ever registering anything on their websites. I know I thought that when I got the email, until I remembered I probably signed up for an APB beta ages ago.

Codemasters.com was breached on June 3rd, and as soon as it was detected Codemasters took the website and associated web services offline. Since then, an investigation into the scope of the breach showed that whoever hacked it was able to access the following.

  • Codemasters.com corporate website and subdomains.
  • DiRT 3 VIP code redemption page.
  • Codemasters EStore: Customer names, addresses, email addresses, telephone numbers, encrypted passwords and order history. Payment details are said not to have been at risk because they use an external payment provider.
  • Codemasters CodeM database: Members' names, usernames, screen names, email addresses, date of birth, encrypted passwords, newsletter preference (oh no!), biographies entered by users, details of last site activity, IP addresses, and Xbox Live Gamertags.

While they couldn't verify if anything was actually downloaded, it's better to be safe than sorry. A new website will launch later in the year and Codemasters.com will redirect to the Facebook page for the time being -- although it doesn't do so yet.

Codemasters advise you to change your passwords (tip: if you store them, check your browser's stored passwords to see what you used), and to not be an idiot in general if you are asked for credit card info and whatnot.

Also: "The safest way to visit your favourite websites is always by typing in the address manually into the address bar of your browser."

[Thanks everyone who sent this in]

Get comment replies by email.     settings



Unsavory comments? Please report harassment, spam, and hate speech to our comment moderators

Can't see comments? Anti-virus apps like Avast or some browser extensions can cause this. Easy fix: Add   [*].disqus.com   to your security software's whitelist.