Frogster has issued a statement in response to the posting of 2007-registered Runes of Magic log-ins, by a chap calling himself ‘augustus87.’
Augustus made two posts – one on 13 January, and the other the following day. Both made certain demands of Frogster and threatened to release 1,000 emails and working Runes of Magic accounts every day until said demands were met.
Amongst this list of wishes were a few somewhat reasonable (if vague) statements like “Better treatement of Frogster employees worldwide!” and general requests for improved security. Others called for “No deleted threads” in the interests of free speech.
Augustus87 backed up his threats by posting 2,000 sets of account details belonging to players registered in 2007. He claimed that the weak link in Frogster’s security chain was a user named ‘Nico’ who, the post suggested, used weak passwords.
In response, Frogster deleted the threads, retained them as evidence and reported the matter to the German State Office of Criminal Investigation. Compromised accounts were (temporarily) blocked and Frogster says that the affected players have all been contacted.
The company urges all other players to change their game, forum and payment password details as a precautionary measure.
Frogster states that it is “currently using everything at its disposal to investigate this situation” and that immediately after the attack (no timescale is given here) the team “systematically inspected all of its systems for weak spots and backdoors and implemented new firewalls, new user privileges and passwords, as well as introducing further security measures.”