Home
Downloads     
Articles Previews Blogs Popular Hardware Price & Performance Forum YouGamers Twitter
YouGamers.com News EVE Online Server Security Breach

News





 
By: Jarno Kokko Oct 20, 2007

EVE Online Server Security Breach

EVE Online servers and website went down unexpectedly this Friday afternoon. During the unscheduled downtime rumors flew thick, and everything from terrorist bombing to hilarious conspiracy theories was passed around as the cause. The real reason? EVE got hacked.

Rumors got a bit out of hand as initially there was no information whatsoever. CCP pulled down everything while investigating the security breach. After getting the servers back online, almost ten hours after the downtime started, CCP posted an announcement.

At 10:25 GMT today we discovered an anomaly in the EVE Online Database indicating a potential exploit. Our policy in such cases is to mobilize a taskforce of internal and external experts to evaluate the situation. At 12:57 that group concluded that our best course of action was to go completely dark while an exhaustive scan of our entire infrastructure was executed.

What we discovered was an indication that one of our databases was being accessed through a security breach. While some may feel that such a drastic reaction was not warranted, it is always our approach to err on the side of caution in order to protect the players.

We of course understand the effect and disruption this has had for our players and apologize for not having been able to explain to the community what was going on. In these cases it can often be counterproductive to containment to give out information while we are in the process of evaluating the scope of the problem.

Our taskforce quickly found the security breach and prevented that from being used. We subsequently found three cases of database actions being performed through the security breach but none of those affected other users than the one doing the actions. We can also confirm that no personal details such as users' credentials or credit card numbers were exposed through this incident.

The servers were brought back online at 22:00 GMT and we will of course continue to monitor the situation closely over the weekend and the following week.

Again we sincerely apologize for this disruption.

So, not the end of the world, but pretty unusual in the MMO business. It does cast a shadow of doubt over the security of the game for a long while though, as in properly configured environments such breaches should not be possible. Naturally, without knowing the exact details of the breach or details on the configuration of the CCP network infrastructure, one can only speculate.

In any case, EVE keeps adding to it's unflattering list of notable events, such as "MMO with the the biggest in-game heist", "first MMO with developer (instead of just a GM) caught cheating in the game" and the "first MMO who had to set up their own Internal Affairs organization while trying and restore player confidence to the game" - this occurring after said cheating episode. I guess it all reflects the highly competitive "take no prisoners" nature of EVE Online. It sure isn't your average "whack monsters for loot and exp" game.


 

Comments

Unregistered users are required to complete an image verification.


Latest headlines



  About Us     Privacy and Legal     Game-o-Meter FAQ     Contact Us     Advertise With Us     Jobs     Futuremark