Konami accounts suffer brute-force hack, video game players told to change their passwords


pes-2013-170Japanese video game producer Konami - famous for titles such as Pro Evolution Soccer and Metal Gear Solid - has advised customers to change their passwords immediately, after hackers made almost four million attempts to break into users’ accounts in a period of less than one month.

Konami says the attack against its ID Portal site happened between Thursday, June 13th and Sunday, July 7th 2013, and resulted in 35,252 unauthorised logins.

There is no suggestion that payment information has been compromised, but Konami says that customers’ personal information, such as name, address, email address, date of birth and telephone number - may have been exposed by the unauthorised logins.

Konami says it detected the suspicious behaviour on July 8th. One has to wonder if they decided to take a look at what was happening on their customer portal after the widely-reported month-long hack against fellow Japanese video game makers Nintendo.

The timing of the two brute-force attacks against users’ login accounts can hardly be a coincidence.

Konami customer notice

Even though Konami says that it has taken steps to ensure that the IDs and passwords used in the unauthorised logins can no longer be used to access the site, users still need to ensure they are following best practices for password security.

In short, it’s very important that internet users don’t use the same passwords on multiple websites. If you *do* use the same password in multiple places you only need to have one of your accounts hacked in one place, or for a website to be careless with its security, for everything to start unravelling.

Konami has provided links in its English-language advisory [PDF] offering users advice about how to reset passwords, and details of the Konami one-time-password service.

Tags: ,

Share this article:

   Join thousands of others and sign up to our free "GCHQ" newsletter.

Smashing Security podcast
Check out "Smashing Security", the award-winning weekly audio podcast, with Graham Cluley, Carole Theriault, and special guests from the world of information security.

"It's brilliant!" • "Three people having fun in an industry often focused on bad news" • Winner of the Best Security Podcast 2018

Latest episodes:
Listen on Apple Podcasts Listen on Google Podcasts


No comments yet.

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.