We are sorry to report that we have discovered that hackers gained access to our forum and game databases and the player data in those databases. We have launched a thorough investigation covering our entire system to determine the scope of the intrusion. This investigation is ongoing and is our top priority. As part of the remediation and security enhancement process we will be taking the game and forums down temporarily.
We are issuing this Security Alert to all Survivors as a precaution so you can take some precautionary measures on your own. We have already taken a number of steps to increase security and are continuing to work with external advisors and investigators to identify and implement measures to minimize the chance of this happening in the future.
The data accessed included email addresses used to log-in to the forum, forum passwords which we encrypt, email addresses used to log-in to the game, encrypted game passwords as well as in-game character names and the IP addresses from which players log-in to the forum and to the game. If you posted other information to the forum it is likely that such data was accessed as well. We do not collect the names or addresses of our gamers so that information was not impacted unless you posted it on the forum. We are investigating whether additional information may have been obtained.
No Payment information Exposed.
All payments are made through a third party and not through our system. Therefore there was absolutely no exposure of your payment or billing information of any kind.
If you registered on our forum your registration email address was taken. Those Survivors who use the same email address to access their game accounts should be aware that the hackers have the email address.
We encrypt all passwords. However, there is a possibility that simple passwords can be obtained using brute force even if they are encrypted. Our research shows that many users are not using strong passwords.
Therefore, we are asking all of our players to please change your passwords immediately. You may do this by visiting our website or by clicking "Forgot Password" on The War Z launcher screen. If you use the same password for accounts on other services, you should change those passwords as well. Please make sure to use a strong password that is unique and uses a combination of upper and lower case letters, numbers and special characters. Longer passwords are stronger. We suggest not to use password shorter than 8 symbols, with 12 to 15 symbols long password being preferred.
What we are doing.
We have engaged outside experts and investigators to assist in our investigation of this incident and committed substantial resources to that effort. We have identified number of ways access was obtained and have enhanced our security to improve game and forum safety. We are undertaking a full review and update of our servers and the services we use and adding additional security mechanisms. In addition to this post, we are emailing all of our players just to make certain that everyone is informed and has been advised to change their passwords.
The security of your data is important to us and we want our players to be assured that we take this situation very seriously. We have taken steps to improve security to minimize the chance of this happening in the future and will continue to invest in improving security going forward.
This has been a humbling experience for us. While we all know that there is no guaranty of security on the internet, our goal is to try our very best to protect your data. We sincerely apologize.
We will update you on status as we make progress.
The War Z Team