Hackers steal customer data from gaming company

After failing to extort money from the company by hacking into its databases, thieves try to squeeze money from customers.

Greg Sandoval Former Staff writer
Greg Sandoval covers media and digital entertainment for CNET News. Based in New York, Sandoval is a former reporter for The Washington Post and the Los Angeles Times. E-mail Greg, or follow him on Twitter at @sandoCNET.
Greg Sandoval
2 min read
A maker of popular role-playing games was forced to shut down its online store for four days after hackers pilfered e-mail addresses, user names and encrypted passwords.

White Wolf Publishing, creator of video and table-top games such as "World of Darkness" and "Vampire: The Requiem," received a message from an "international group of hackers" on Dec. 11 saying they had penetrated the company's online security defense, said company spokeswoman Kelley Herman.

The hackers threatened to post user data on the Web unless the company paid them a sum of money. White Wolf has not publicly disclosed the amount of that sum.

But the Atlanta-based company refused to pay, and the hackers responded this week by e-mailing individual White Wolf customers to tell them they can buy the stolen information for $10.

Herman declined to say how many customers might have been affected.

"We notified our clients immediately and advised them to change their passwords," Herman said. Over time, there is a chance the encryption on the passwords could be broken. This posed a risk to customers who use the same passwords for online banking and shopping.

The theft is the latest example of the difficulty that small online stores or Web companies have in fending off attacks by technologically sophisticated criminals. Last week, hackers snatched the personal details of thousands of donors to a Christian charity Web site in the United Kingdom and tried to extort money from donors.

Herman said the hackers exploited a software flaw to get past the site's security. White Wolf's online store was down for four days while the company tried to fix the flaw. As far as White Wolf can tell, however, the hackers did not manage to steal any credit card information. The FBI is investigating the break-in, Herman said.

The FBI office in Atlanta has not responded to requests for comment on this story.