Tech Watch | InfoWorld Staff » Second Lifers' 'first life' hacked

September 11, 2006 | Comments: (0)

Second Lifers' 'first life' hacked

TAGS: Security

There's nothing like coming down from a 36 hour virtual reality bender with your avatar only to find your credit cards maxed out, bank account drained and your mail diverted to a P.O. box in Las Vegas.

But players of Second Life might be reckoning with just that after the game's maker said on Friday that a database breach may have exposed customer data including "the unencrypted names and addresses, and the encrypted passwords and encrypted payment information of all Second Life users." Ouch.

It actually sounds worse than it is. Unencrypted credit card information, which was stored on a separate company database, was not compromised, according to a statement posted onthe Web site of Linden Lab. The company discovered the breach on September 6, and traced it to an apparent "0-Day Exploit" of third- party software used on Second Life servers.

While it's possible that account information wasn't compromised in the hack, Linden is assuming it was (good idea!) and users are being asked to change their passwords immediately. The company also warned them to be on the lookout for phone-based scammers claiming to represent the company, according to Cory Ondrejka, CTO of Linden Lab.

Posted by Paul Roberts on September 11, 2006 09:10 AM

RATE THIS ARTICLE: