LulzSec targets video game maker ZeniMax Media

Hacker group whose main goal appears to be online mischief for mischief's sake breaks into the game company's Web site and posts its source code and database passwords.

Erica Ogg Former Staff writer, CNET News
Erica Ogg is a CNET News reporter who covers Apple, HP, Dell, and other PC makers, as well as the consumer electronics industry. She's also one of the hosts of CNET News' Daily Podcast. In her non-work life, she's a history geek, a loyal Dodgers fan, and a mac-and-cheese connoisseur.
Erica Ogg
2 min read

LulzSec is at it again. Today, after much taunting on Twitter, the hacking group has posted online the source code and database passwords of Bethesda Softworks, a subsidiary of gaming company ZeniMax Media.

ZeniMax owns several studios besides Bethesda and is the company behind popular games like Fallout 3, Doom, Quake, and Brink.

LulzSec says in its statement that it initially launched a distributed denial-of-service attack on Bethesda and then found a weakness that provided administrator access to the Web server, and eventually other servers in the network.

"After mapping their internal network and thoroughly pillaging all of their servers, we grabbed all their source code and database passwords, which we proceeded to shift silently back to our storage deck," the group wrote in a statement posted to code-sharing site Pastebin.

In an earlier tweet, LulzSec said the actual attack took place months ago.

"Bethesda, we broke into your site over two months ago. We've had all of your Brink users for weeks. Please fix your junk, thanks!"

Members of the group also profess to be fans of the company. LulzSec says it has data pertaining to more than 200,000 registered users of the game Brink, but says it held back that information because "we actually like this company and would like for them to speed up the production of Skyrim, so we'll give them one less thing to worry about. You're welcome!"

The Elder Scrolls V: Skyrim is a highly anticipated Xbox 360, PlayStation 3, and PC game scheduled for release on November 11.

ZeniMax was not immediately available for comment.

In the same release as the Bethesda attack, LulzSec also posted as a seemingly casual afterthought user names and passwords it took from the U.S. Senate Web site, Senate.gov.

On Friday, the same group posted the e-mail addresses and passwords of what it claims are 26,000 registered users of the porn Web site pron.com. The group says it specifically called out people with .gov and .mil e-mail addresses who had registered for the site.

Updated at 1:59 p.m. PT with context about when the attack on Bethesda took place.