Deus Ex, Eidos websites hacked – report

By Wesley Yin-Poole Published 13 May, 2011

Personal data of 80,000 users stolen.

Hackers have broken into Square Enix's official Deus Ex: Human Revolution and Eidos websites and stolen the personal data of "at least" 80,000 registered users, a new report claims.

9000 resumes were also taken, according to KrebsOnSecurity, a security news and investigation website.

Apparently the hackers plan to release the data on file-sharing networks.

According to logs lifted from the chatroom used by those responsible, the hackers are discussing whether to leak the "src" – likely the source code of the websites in question, although some have speculated it could relate to the source code of Deus Ex: Human Revolution itself.

The attack, which occurred on Wednesday, appears to have been conducted by a splinter cell of hacker group Anonymous, which has been blamed by Sony for last month's devastating PlayStation Network compromise. Anonymous has denied responsibility.

Anonymous has in recent days suffered from in-fighting. The internet relay chat (IRC) channels used by the hacker group were recently rendered unusable by disgruntled members of the organisation.

Eurogamer has contacted Square Enix for comment.

Picture of Wesley.

About Wesley Yin-Poole

Wesley is Eurogamer's news editor. He likes news, interviews, and more news. He also likes Street Fighter more than anyone can get him to shut up about it.

Read more articles from Wesley by visiting the Wesley Yin-Poole archive page.

You may also like...

Comments (58) Latest comment 1 year ago

Comments for this article are now closed, but please feel free to continue chatting on the forum!

  • Triggerhappytel #1 1 year ago

    Brilliant. When will this bullshit end? Fuck off and die, hackers.

  • Wyrm #2 1 year ago

    Can everybody stop hacking things for a week maybe and just see how itgoes?

  • captain_Carl #3 1 year ago

    What's the fucking point. Piss off, hackers.

  • Sodding_Gamer #4 1 year ago

    FFS!

  • gribb #5 1 year ago

    Wow this is a little bit too close to Deus Ex's source material.

  • Bigmac1910 #6 1 year ago

    I don't get it, are they bored or something?

    Edit: or instead of Anonymous they are trying to become Infamous lol.
    Edited by Bigmac1910 at 13/05/11 @ 08:29

  • martmart #7 1 year ago

    Tossers. It achieves nothing for nobody except for the hackers to have wet dreams over it.

  • giapel #8 1 year ago

    Is that a joke? A splinter cell? What's this, Tom Clancy? Lol.

  • Zozzilla #9 1 year ago

    And so the stupid fucktards strike again, ruining yet more innocent consumers' fun/lives/credit history.

  • Meh #10 1 year ago

    i suppose this is how they make themselves feel like 'big men', by hiding behind firewalls and encryptions while pissing off everyone.

    i hope they die in a fire caused by their PC's exploding

  • BigDannyH #11 1 year ago

    If these hackers are so bloody clever, why don't they make a game or a games console instead of ruining what someone else has made.

    It's far harder to build than it is to destroy.

  • Meh #12 1 year ago

    on a side note... i like that video

  • Goodfella #13 1 year ago

    This had better not affect the release date of Deus Ex.

    Die in a fire, hackers.

  • Lusterpurge #14 1 year ago

    Hate all you want, but companies shouldn't get hacked this easily by a bunch of "fucktards". Hopefully this means companies are going to start taking security seriously because hackers sure aren't going away.

  • SClaw #15 1 year ago

    What these guys don't seem to understand is that the harder they lean on big companies with a lot of money the faster those tax paying companies will lobby the governments of the world to do something about this. Just how long is it going to be before we see "Anonymous" labelled as some sort of terror group, given the amount of financial damage they (or those claiming to be them) are doing? It won't all be a big game when we see a bunch of stupid hacker kids dragged off to prison under some new draconian anti-hacking law.

  • Sodding_Gamer #16 1 year ago

    I seriously want them shot down like Osama was. But by Chinese ninja assassins in PSN flak jackets. Just to humiliate them even more.

    Pricks.

  • SBfistfun #17 1 year ago

    lol fucking hell...

  • levitate #18 1 year ago

    Fucking asstards. I hope they get found and shot.

  • TheBiGW #19 1 year ago

    Not sure why Lusterpurge has been negged so much - he is right. Companies should take security seriously to prevent this kind of thing. Yes, the hackers did something bad but Eidos are equally to blame here for not securing the data correctly in the first place.

  • Goodfella #20 1 year ago

    Who says they didn't?

  • SClaw #21 1 year ago

    @TheBiGW

    So, your neighbour gets robbed. You note that they merely have a standard Yale lock securing their door rather than the ULTRA CYBER LOCK AWESOME. Instead of sympathising with their loss and all the problems it might cause them in the future you want to mock them for having an inferior lock, is that right?

    Just because this is a giant company doesn’t mean they are perfect, nor that we shouldn’t sympathise with them. And anyway, if someone wants to get in somewhere they’ll find a way – that’s just how the world works.

  • Gambit1977 #22 1 year ago

    Yeah, to be fair, they wouldn't be hacking if there wasn't security, they'd be web browsing. This is getting beyond a joke now :(

  • razzastuta #23 1 year ago

    Lusterpurge/TheBigW

    Both of you have a valid point, but in terms of network/IT security, you can still have the best firewalls in the world right now and be hacked. Security such as Firewalls/AV will always be, to a point, reactive - AV protection comes out but there will always be something new created to which the AV security firms have to react.

    Just the way of the IT world, rubbish I know, but that's it in a nutshell.

  • raloB #24 1 year ago

    Some fucker hacked my tree down last night. The people responsible are definitely anonymous!

  • UncleLou #25 1 year ago

    Any reason why I would be registered there? I have no idea if I am, mind.

  • the_dudefather #26 1 year ago

    Did they use an ICE breaker?

  • Moonprince #27 1 year ago

    Can we have a news story or 6 every day regarding this pls Eurogamer

  • BigDannyH #28 1 year ago

    I reckon we should all just live in bunkers under the ground and never try to do anything for anyone else. Only way to avoid THE HACKERS!

  • Bahumet #29 1 year ago

    These little pricks deserve a custodial sentence. 5 years of being butt fucked by Bubba is about what they deserve.

  • TheEarlOfZinger #30 1 year ago

    I hope to god that coolbrittania and charliechan are among the 80,000

  • mrvinny000 #31 1 year ago

    So Sony , Amazon Deus-ex and now themselves . What bunch of childish douchebags .
    After all the damage they have caused i hope the powers that be round em up and give em the US army custody treatment lol.

  • 5h1nj1 #32 1 year ago

    quote: "hacker group Anonymous, which has been blamed by Sony for last month's devastating PlayStation Network compromise"

    No, they have not been blamed by Sony. *sigh*

  • TelexStar #33 1 year ago

    @razzastuta - "Lusterpurge/TheBigW

    Both of you have a valid point, but in terms of network/IT security, you can still have the best firewalls in the world right now and be hacked. Security such as Firewalls/AV will always be, to a point, reactive - AV protection comes out but there will always be something new created to which the AV security firms have to react.

    Just the way of the IT world, rubbish I know, but that's it in a nutshell.     "

    I understand what you're saying but I disagree (to a point). Yes there will always be hackers and no system is hacker proof. But in the IT Sec world there is something called "defence in depth"; Multiple layers of security, of which firewalls only form a part. IDS and IPS systems, DMZ, Honeypots, Regular vulnerability scanning and penetration testing to highlight your own weaknesses, etc etc etc. The problem is that "defence in depth" costs money the deeper you go and every company makes a risk based decision on how much to spend on security. A massive financial organisation will typically have greater defence in depth to protect their assets as the risk (and subsequent consequences) of being hacked are far greater than if a game developer/publisher suffered the same fate. In short, it *IS* possible to implement a system that is *almost* hacker proof. It just costs an insane amount of money. Money that Square Enix will not have. This is why you don't see yearly occurances of the stock market being hacked. Why? Because it's locked down to the n'th degree.

    In the case of Square Enix, they would have made a risk based analysis on the likelyhood of being hacked. Measured what the consequences of that event occuring and then Weighed that up against the cost of defending against such a hack. This then equals their security solution.
    Edited by TelexStar at 13/05/11 @ 09:51

  • Stardusted #34 1 year ago

    It amazes me how they say "that was anonymous" and people say "yeah fck anonymous, they should be shot for that".
    I don't say they are and I don't say they are not behind all these, but aren't you people a little too fast to swallow what they feed you?

    This is companies talking it's not like they never lie or assume or be plain and simply wrong. Even more so when anyone could do that and be, well, anonymous? (but not the group).

  • djed #35 1 year ago

    Good job, Eidos. It's not like your network-guys got a wake up call a month or so back.

    EDIT: @TelexStar: The London Stock Exchange and the Nasdaq have had several severe security breaches just within the last year. Still, they most likely have (as you say) a more costly security system in place than squeenix.
    Edited by djed at 13/05/11 @ 10:11

  • scoop #36 1 year ago

    This was so always going to happen. Did the people that started Anonymous think that only sensible, mature, ethical types were going to join?

    Is it really a surprise that what they got instead was a bunch of egotistical, pedantic, peurile, sanctimonious pricks?

    I hope they're careless enough to get caught.

  • Triggerhappytel #37 1 year ago

    Sony only implied Anonymous could be behind it; they never clearly stated anything one way or the other. Seeing as the group appears to be made up from multiple disparate parties, I'm not even convinced that Anonymous would really know if Anonymous were behind it.

    Also - I agree that is a cool Sarif Industries video. Looking forward to this game.

  • LR100 #38 1 year ago

    I checked my email as I wasn't sure and it turns out I had an Eidos forum account back in 2009. Luckily, all the forum has is my email address, which is one of many anyway. Quick change of the password and we're away. Not sure if the forum had been affected, but never mind.

    2011 has been a great year for giving your personal details to gaming companies so far!

  • azazel_fallenangel #39 1 year ago

    Am I the only one with doubts to the validity if this?
    My first thoughts about it were that it is a publicity stunt.
    It's a website about a games that features hacking prominently, and hacking has been in the mainstream media for a few weeks now due to Sony's issues...

    Just my initial thoughts...

  • TelexStar #40 1 year ago

    @djed - " EDIT: @TelexStar: The London Stock Exchange and the Nasdaq have had several severe security breaches just within the last year. Still, they most likely have (as you say) a more costly security system in place than squeenix. "

    Oh absolutely, I have no doubt you're right but what we don't see is how many attacks failed as a result of their security policy. The Nasdaq and LSE are far greater targets than Square Enix so you would expect the quantity of attacks on the Nasdaq/LSE to be far greater as a result.

    I'm picking numbers out the air here but the Nasdaq/LSE probably get actively hit hundreds? if not thousands of times a year. The majority of those will have been defended. Compare that to the number of attacks Square Enix received and you can bet your Grandma's inheritance it will be massively lower.

  • dingo75 #41 1 year ago

    The problem is that IT security costs money and in best case is never needed.
    That automatically irks people having no clue about IT but the power to decide about its budget.
    It's the same for backup solutions which are never felt needed until they are needed!
    Much easier to justify a shiny new laptop for the CEO as his Outlook opens 10 seconds faster then...

    The only good thing coming out of these attacks is that you can point to them in the future and ask these guys if they want to be next or shell out the necessary money.

  • swelt #42 1 year ago

    Irony... video links to http://www.sarifindustries.com which has a hidden minigame to 'hack' into their website and steal data.

  • Inmediasress #43 1 year ago

    You know with the recent trend of requiring personal data to be sent to every service you sign up for and probably trough that service you have to sign up for even more services is the most troubling thing for me.
    The hackers are just a simptom of the disease that plagues the modern world.
    They highlight the problemt that big companies and people alike should be more aware of he value of information but recent news suggest just the opposite, with shit like forcing people in to idiotic gaming profiles for almost all big, publishers besides their regular profiles for consloes.
    I'm looking forward to the day when every shit you do will be brodcasted towards the world so that hackers can rape you with it.
    Edited by Inmediasress at 13/05/11 @ 10:33

  • blackbriar101 #44 1 year ago

    Who's next, IGN, Eurogamer, EA? This is getting Ridiculous.

  • Caimbeul #45 1 year ago

    I have said it before and i will say it again...

    This is yet another example of why a digital only future or over relience on web accounts for EVERYTHING is a STUPENDOUSLY BAD IDEA.

    Which ever hackers are responsible for this and the Sony attack all i can say is that their activities are pointless unless they are theiving criminal b'stards intent on using the info for personal gain.

  • menage #46 1 year ago

    Hackers can eat a dick. Losing all goodwill real fast withoutb gaining anything in return. Who the hell cares of Johny made an account for a gaem that's out in 3 months. Fuck off and die.

    Also, I NEVER fill in my real info into sites like that. SE doesn't need to know where i live. And preferably I use email adresses that aren't my main.
    Edited by menage at 13/05/11 @ 11:30

  • Darren #47 1 year ago

    Hackers are always breaking into websites, it's just that we don't always hear about them unless they're major sites. This latest incident is no surprise and likely only of interest on sites such as EG because of the whole PSN thing. I didn't know until recently that Play.com's servers were hacked last year and personal details were stolen.

    I try not to worry about it as my bank are very quick to detect fraud to the extent that they'll even ring me to confirm valid transactions I've made if there's a few at once (when I get pre-order happy!) or not from places I normally use. Shame that I usually have to deal with someone who's first language isn't English but, hey, at least they're making an effort!
    Edited by Darren at 13/05/11 @ 11:29

  • arcam #48 1 year ago

    a digital only future

    It makes no difference whether you are buying a downloadable game from Sony or a boxed game from Play.com. There's still a database out there with your details on it.

    At least in the case of downloadable titles it isn't necessary to store your address details too. And at least there's only one point of failure, rather than the multiple game shops, some with terrible security, that hold your data right now.

  • kangarootoo #49 1 year ago

    The "well you should have had better security" response is pathetic.

    If a friend got mugged, would you blame them for not buffing up down the gym more often? That might have helped them, but its still not their fault. The very basic stupidity of such a statement makes me choke.

  • arcam #50 1 year ago

    @kangarootoo

    If a person gets mugged they just lose their own stuff, so they are welcome to have as much or as little security as they like. If you are responsible for other people's things (money, personal details, property etc.) then you have a responsibility to those people to make sure you are properly secured.

    But that doesn't really apply here, because we know nothing about Eidos' security. If it was up to scratch, then they've done nothing wrong and this is just one more hacking incident in a list of many.

  • kangarootoo #51 1 year ago

    @arcam

    I agree that if you are looking after other peoples' stuff you have a responsibility to them to protect it, but the tone of some posts seem to suggests that the hackers are guilt free - or even doing people a favour by "testing" security. By all means critisise a lack of security, but lets not forget who is truly responsible for the disruption. No hacking action means no negative result, regardless of how sturdy security is or is not.

  • VibratingDonkey #52 1 year ago

    We're getting one of these reports every other week it seems. At least the personal data ought to be pretty crappy. How many use their primary emails and real details for community sites and such?

    Reading this internal squabble is interesting. Makes it even more clear that these are a bunch of selfish, unsympathetic asshole kids who do this just because they're bored and there are no consequences. As the paraphrased age old saying goes; anonymity spawns fuckwads.

    Sincerely hope they'll swiftly get what's coming.

  • TelexStar #53 1 year ago

    @kangarootoo

    Let me be clear, the hackers are miscreant little fucks who should be prosecuted. I'm not defending them.

    However, I work in the IT Security industry and I can tell you that many companies do not always take the secrity of the information they are custodians of seriously. I'm not specifically pointing the blame at Sqeenix here as I don't know the details but it doesn't change the fact that if you collect the personal details of customers, then you are responsible for ensuring the security of those details.

  • arcam #54 1 year ago

    Indeed, and blaming hackers may be justified, but in practice apportioning blame achieves nothing.

    The only thing that can prevent this happening is good security, so it makes sense that that's the focus of discussion.
    Edited by arcam at 13/05/11 @ 12:38

  • MisterM #55 1 year ago

    Fucking Hackers. Why can't they just stop doing stupid bullshit things that affect end users? Why, if they feel the need to flex their webcocks, can't they do something that will just affect the company they're pissed off with?

    And to think, there are people out there that give these fucking low-lifes their respect.

    If there's one thing I hate, it's hackers. Hackers and getting cancer.

  • razzastuta #56 1 year ago

    @Telexstar

    I too work in the IT industry and to be fair, I did water down my post a little bit due to a few time constraints - but your point about "Defence in Depth" is spot-on and I completely agree with you.

    I was merely trying to point out that there's a lot more to it than a company being "irresponsible" - your points about risk-based analysis elaborates a little more on my comment, so thanks for the help! :o)

  • kangarootoo #57 1 year ago

    @TelexStar

    Really, I'm pretty much on the same page as you. I am in no way saying corps that don't look after their customers' private data should be applauded. I'm just playing devil's advocate to the ludicrous notion some posters (on this and previous threads) have regarding security. People have literally said this kind of thing is good as it tests security (the logic behind why security exists, and whether it should have to exist, seems to escape them) - densitity of that magnitude just draws me out.

  • Diabeu #58 1 year ago

    friend of mine just said that Techland's servers register 5000 hack attempts per day, and they are a small player in this business