Bethesda Hacked, Details About To Be Leaked

By John Walker on June 13th, 2011 at 6:33 pm.

They're not really quite so refined, sadly.

Update: LulzSec have released what they claim to be everything they took from Bethesda, including source code and admin passwords, except for the 200,000 user details which they say they’re leaving out because, “We actually like this company.” (They also claim to have broken into senate.gov, and paste this as proof. That should bring them some dark-glassed attention.)

LulzSec, who have claimed responsibility for many of the gaming hacks of late, have announced they’ve had access to Bethesda/Zenimax’s data for a couple of months, and are planning on releasing details today. They’ve been winding up BethSoft all day, threatening to release details of a number of games, including Brink. However, in their usual way, they are suggesting they’ll go easy on them because “we love Call of Cthulhu.” They rather spuriously suggest this is motivated by a lack of details on Skyrim, but even if they received some, plan “to embarrass you anyway.”

As usual LulzSec’s Twitter feed is a mixture of taunting boasts and in-fighting with others in the community, but in the mix is the claim that they currently have over 200,000 users’ details. That’s the bit they suggest they might not leak because of the power of 2005′s Cthulhu game, co-published by Bethesda.

But for some reason the focus of their attack seems to be Brink. Yesterday they warned, “Say your prayers, Brink users.” Seemingly in response to protests from others who pointed out that there’s little argument for their being victims they explained, “If you want ethics, go cry to #Anonymous,” indicating their anarchic motivations are far less politically or socially driven than the Fawkesian crowd. “We did it because they couldn’t stop us,” is the reasoning.

They explain that they’ve had access to the Bethesda data for a couple of months, but seem to be waiting for a couple more details before they release it all. And then comes the threat just a few minutes ago that if Bethesda gives “everyone more info on Skyrim and we’ll keep the user database to ourselves. However we are going to embarrass you anyway. :D” Then they push their teasing one step further suggesting, “Bethesda, add an official LulzSec top hat to Skyrim and we’ll remove your admin configurations from our incoming leak. Deal?”

It’s clearly an extremely unpleasant experience for those at Bethesda, and it’s a demonstration of what is behind these hacks: the lulz. Those trying to fathom a pattern, or guess what form of revenge or injustice is behind their motivations needs to understand that no such thing is relevant. It’s not even because it’s found to be funny, nor to prove hacking prowess (although that’s clearly a factor along the way). It’s because they can. Thus, lulz.

, , , .

233 Comments »

  1. Grygus says:

    I would guess that this is where the online community in general begins to turn against them.

    • Premium User Badge

      heretic says:

      Doubt it.

      With all the hacks lately people will want order, the more this gets in the public eye the more our freedoms will be repressed. This shit used to happen all the time before, but I reckon its getting more attention now. What would be interesting to see is groups of security professionals (read: hackers) that will try to instil a certain order. See http://www.jasonkchapman.com/heretic_online/

    • Vagrant says:

      Has the online community ever been with them? All they’ve ever done is obnoxious trolling.

    • Premium User Badge

      bglamb says:

      I don’t think it’s right to assume that all of the recent hacks have been by Lulzsec, whatever they may claim.

      User data is big business. Think how much people want you to install their tool-bars. The high-profile attacks of late are invariably criminal proceedings. Sure, Lulzsec can hack too. Anyone can. But that doesn’t mean all hackers are Lulzy.

      But at the end of the day, who cares who it is that publishes your passwords to the internet? It Lulzsec or anyone else wants to steal my data, then f–k them.

    • MikoSquiz says:

      A few data security peeps I know of are very happy about all this LulzSec stuff, and describe it as the equivalent of someone going into people’s unlocked, unwatched, fenceless, open-windowed houses, helping themselves to snacks from the fridge and leaving a little note saying “have you considered putting a lock on that?”.
      Because overall, people really should put a lock on that before someone walks off with the TV.

    • aerozol says:

      Yes, much better than someone stealing your data, not telling anyone, and passing it on.

    • psyk says:

      If I broke in to peoples houses and made a website to release the info I found and to tell people they need better security I would be told where to stick it by almost everyone and with good reason. How people support this is amazing, also they are most likely selling the databases to spammers and scammers seems to of escaped most people.
      Just to add for the benefit of the people who think the company’s so far have been a bit lax in telling people………………. Most of the time you never find out, be thankful these companies released a statement.

      And another thing
      “And then comes the threat just a few minutes ago that if Bethesda gives “everyone more info on Skyrim and we’ll keep the user database to ourselves.”
      Is blackmail and is the second time they have tried it

      http://webcache.googleusercontent.com/search?q=cache:K27RnveaJXkJ:www.unveillance.com/latest-news/unveillance-official-statement/+http://www.unveillance.com/latest-news/unveillance-official-statement/&cd=1&hl=en&ct=clnk&gl=uk&source=www.google.co.uk

      Hopefully people will start pulling heads out of arses and see they are just supporting criminals.

    • Muzman says:

      As much as it doesn’t seem right to side with these guys, the need to register and “secure” log-in to everything these days has watered down the concept an awful lot.
      By and large it seems to be a corporate trend designed to force exclusivity and corral players, to me at least. Something marketing and advertising has been pushing for years, essentially to aid the waving of numbers under the noses of those holding the purse strings. (actually, if these guys were targeting other companies and ad firms their ’cause’ would seem somewhat more solid)

      It could be I’m out of touch. Online multiplayer things use it for anti cheat security and so on I guess. What else is there I’m forgetting?
      It does seem to me that if they decentralised a bit (y’know, like the old days) you can combat cheating other ways and you don’t have to sit on a pile of user info you have to defend, expensively.

    • Premium User Badge

      lurkalisk says:

      @MikoSquiz

      I would agree with that point, but that analogy only works if you admit that most societies now are miserable little cesspools. People shouldn’t need locks (turns out some don’t really, in some places).

    • thinsoldier says:

      @Muzman Totally agree. It must be cheaper and easier to just release dedicated servers and let users register to their preferred community-server. If they break the rules or cheat it’s only the problem of that server admin and the couple hundred regular users of just that server.

      You don’t “need” to have a password. You don’t need to a global 100% hack proof leader board!
      I’d much rather be #18 on a server with 300 players than actually knowing I’m only #79,897 globally.

  2. westyfield says:

    My sides, they are splitting.

    • Premium User Badge

      dirtyword says:

      It truly is a hilarious and well-thought-out prank. The height of comedy.

    • FRIENDLYUNIT says:

      Truly. I can plainly see why the “Lulz” part of the name is so appropriate.

  3. SirDimos says:

    Meh, just a bunch of lowlifes trying to feel important and going about it entirely the wrong way.

  4. gingerpembers says:

    Why don’t they just hack the hackers!
    For GODS SAKE, do I have to come up with the solution to EVERYTHING?!

    • Copybas says:

      Except you’re wrong, and everyone HAS been trying to hack them. They’ve deemed themselves unhackable because they actually are working with one of the best hosting services for their website. They’ve mentioned their hosting in the past, and how amazing the people working there are at preventing intrusions.

    • Premium User Badge

      Daiv says:

      We can’t hack them, they have all the internets! Do you have any idea how many gigabytes there are on the Internet? And how many of them are no longer under our control? There are servers in the cloud that can run thirty megahacks in parallel – and that’s just the modems!

    • westyfield says:

      We’re gonna need at least a thirty gig pipe if we’re to stand any chance of pulling this off.

    • Tei says:

      Attacking the attacker in the internet is a VERY BAD IDEA [tm]
      A cracker can do this: lure you to atack him, then make so you are attacking a victim instead. This is true for all internet things, email, web, im, etc…

      Suppose you do a email bombing on a spammer that has send you 1 email. He can fake his address to be from a victim, so you could be bombing a victim. Wooo hooo.

      As a general rule: in the internet, attacking the attacker, is a NO-NO.

    • Dao Jones says:

      I like to play games.

    • gingerpembers says:

      Dudes! Dont take my post seriously!

      Nice replies though :D

  5. Vexing Vision says:

    Can we, you know, just shoot them?

    Police just busted a few illegal movie distributors here in Germany. Why can’t they give these scriptkiddies something to think about?

    Everyone’s doing it because they get away with it. Just like torrenting movies and games. I hope it doesn’t take another 10 years until someone pulls the plug and fastens the handcuffs.

    • lonewolf80 says:

      Yeah, it’s come to the point that they’re no longer “funny”, they’re just plain annoying. I hope they get caught in an international crackdown, then all sent to jail.

    • Commisar says:

      I know, too bad these people aren’t exactly easy to track down

    • Urthman says:

      Sorry, no guns in Skyrim.

    • DerShcraa says:

      And the remainders and sympathisants will FUCK YOU after.
      Hard.

    • Premium User Badge

      Devan says:

      While I also want those responsible to receive suitable punishment, I am concerned about how the regulation/policing/enforcement on computer security activities could be handled. If recent copyright law is any indication, the politicians who make the rules about this kind of thing rarely have more than a rudimentary understanding of it, and they are likely under considerable industry pressure to over-regulate. It’s easier for companies if nobody knows how to hack than if they have to hire someone who properly knows how to beef up their security and protect them from it.
      The result I fear is that they end up creating laws that criminalize activities which are actually harmless, or chill independent research in the security sector.
      What needs to really happen is for people to realize that this isn’t a problem that can be regulated away, and the best solution is to properly secure your data in the first place.

  6. Hodag says:

    The tophat bit is pretty funny. The rest, not so much…

  7. The Mechanical Aggressor says:

    ARE YOU TESTING ME, SATAN? This is getting tiresome.

  8. Kolchak says:

    Why can’t these Hackers do something good for mankind like ruin the site for the Westboro Baptist Church? Do they really need to screw around with video game makers?

    • noodlecake says:

      Exactly! :)

    • SirDimos says:

      Couldn’t agree more.

    • Blaq says:

      I’m assuming the OP is being sarcastic, in which case I’m linking it as reference for others.

    • Valvarexart says:

      Yea, as they say themselves, they are kinda fond of Bethesda. Why not hack Activison instead? :(

    • MythArcana says:

      They are doing something good for mankind; keeping these game companies in check with security. Do you want all your sensitive info all over the Internet because *So-&-So company” didn’t want to spend an extra $50k securing the servers? Now the cat is out of the bag that your data isn’t safe, and these “victimized” companies now must fix it. That’s how Capitalism works, folks. You have to spend money to make money the proper way.

    • arccos says:

      No, they aren’t actually doing anything good for security. If they wanted to do that, they could have contacted the company privately and pointed out their security problems. After it was fixed, announce the previous security hole by all means.

      Instead, they’re releasing private information of users that don’t have anything to do with Bethesda, other than creating accounts on their servers. That doesn’t create more awareness, it creates panic. You don’t increase security through threats.

      You can’t break into a bank, steal everything in the safe deposit boxes, and claim the bank was at fault. Even if the bank could have had more security, the person committing the crime is the criminal. Full stop.

  9. noodlecake says:

    Well that’s pathetic. People like that need a good slap. Or possible just some friends and a life.

    • rayne117 says:

      I hate this argument more than any hacker that has or will ever exist.
      “Hurr get a life” they HAVE lives. Their lives are obviously here, because if they weren’t; they’d be dead.
      What counts as a life to you? Having 20 really close friends? 30? 40? 50? Having a nice job or house? What is the meaning of life to YOU? Why berate someone else for what they spent their time learning and pursing (what have you been doing lately? Probably not getting the skill to successfully hack huge corporations and organizations. Hell, I’d go as far to say you or I haven’t put in 50% of the work they have put into their work.) These cannot be script kiddies, if they were then EVERY BUSINESS EVER would be getting hacked all of the time. These are people have spent years cultivating a skill, whether that skill be for good or evil.

    • Sheng-ji says:

      Having no life in this context means that the only way to get your kicks is to ruin the fun of others.
      These are the kids who got bullied at school, but don’t have enough of a sociopathic tendency to kill. They wreak their revenge on this horrible world by ruining the fun of the popular kids, those who play sports and well.. go out side once in a while.
      There is no difference between them and the little twunts who will do over a corner shop with an air pistol “Just cos we can innit”. They like to pretend they are performing the heist of the year, but in reality, once our various nations police forces catch up, they will be popping up on ASBO lists and having their computers confiscated, while simultaneously destroying any hope of a decent future.

      Cultivating a skill, don’t make me laugh, one or two of them may have created an amazingly sophisticated piece of software, the rest have just learnt to use it – the reason why everyone isn’t hacking everyone is the same reason why everyone isn’t robbing corner stores – It’s wrong and most people realize that, therefore wouldn’t do it, whether it was easy or not. In any society there will always be a number of deviants, they will be slapped down hard soon enough and their “trade” will be made prohibitively difficult.

    • Robert says:

      “What counts as a life to you?”

      Getting satisfaction and ‘worth’ in your life from something else then griefing people.

    • thinsoldier says:

      @Sheng-ji

      I’ve got to disagree there. The few hackers (sort of white-hats) I’ve ever met in person were all between 25 & 34. Since I met them almost 9 years ago they’d be 32-42 years old now. Definitely not “kids”. I’d honestly be shocked if the majority of lulzsec or any other seriously skilled hacker group were under 22.

      And the youngest in the group I met currently spends at least a month a year cruising the caribbean on a yacht and coaches basketball in the summer. So he and his family are living one hell of an interesting life.

      Not saying there aren’t a lot of hackers who fit your description, just that based on my experience it doesn’t seem fair to lump them all into that group.

  10. Leo says:

    Although I’m itching for more info on Skyrim as badly as the next guy, I can’t say that I agree with such harassment directed at a game company that has a fairly strong reputation and track record.

    Yeah Fallout 3 and New Vegas launched a bit, err, broken, but they were good games overall. You want to really put the hurt on someone who deserves it? Hack the money hungry imps at Activision.

    • Premium User Badge

      Rikard Peterson says:

      It’d still be a sad and unfunny thing if it was done to Activision or another party that you happen to dislike. I just wish they’d stop it altogether.

    • Leo says:

      Agreed

    • sinister agent says:

      “Dear Internet,

      Because of these witless cockholes, we’ve decided not to release Skyrim at all. If you have a problem with this, feel free to develop it yourselves.

      Love,

      Bethesda”

    • Premium User Badge

      romanlevin says:

      Yes because they’ll take their toys and go home. Who needs money, anyway?

    • Premium User Badge

      Malibu Stacey says:

      Although I’m itching for more info on Skyrim as badly as the next guy

      Might want to see a doctor about that. Should be able to get some cream or ointment to clear it up if you’re lucky.

    • sinister agent says:

      Yes because they’ll take their toys and go home. Who needs money, anyway?

      Why yes, you’re right. I was absolutely serious and genuinely believe that Bethesda would simply pack up shop.

      Christ.

  11. Premium User Badge

    HermitUK says:

    Call of Cthulhu was great up to the point it started wildly deviating from the source material. The last couple of levels in particular were not good, to say the least. I would be all over a sequel though.

  12. Nic Clapper says:

    This stuff is ridiculous. Like some of these hacker guys are trying to make a point about security being low and whatever — which this guy I guess is mostly just doing it just cause like you were sayin — but whatever the point is on these hacks its just going about it so wrong. Giving out gamers info and etc is just potentially making things worse for those trying to enjoy themselves.

    Its like going to a kids baseball game and throwing food at the kids playing to protest high costs at the concession stand.

  13. X_kot says:

    “[...]he thought it was good sport. Because some men aren’t looking for anything logical, like money. They can’t be bought, bullied, reasoned or negotiated with. Some men just want to watch the world burn.”

    • gingerpembers says:

      DANANANA na na na na na NANANA DA DA DANANANANA…

      BBBRRRRRRRRMMMMMMMMMMM!

    • Lilliput King says:

      This is by far the most boring way to watch the world burn.

    • jon_hill987 says:

      Exactly what I posted in the thread about Epic being hacked earlier today.

    • Sheng-ji says:

      …Then they grow hair in their special places and look back at their lives, only to realize what cocks they have been.

  14. ChaosSmurf says:

    Their twitter account is an essay on how to be an asshole.

    • Commisar says:

      yep, i would actually would love to seek these guys outed and their fingers and hands broken on a live webcast….

    • Premium User Badge

      FriendlyFire says:

      Too bad this isn’t Neuromancer, where you can get your all-empowering implants extracted permanently, leaving you unable to connect to the rest of the network. Ever.

  15. noom says:

    Hackers can be great. Hackers can also be incredibly wearisome.

  16. gwathdring says:

    What a bunch of assholes. Anonymous can by worse though. What’s funny is when people on anonymous get into legal trouble for online harassment and whatnot. It’s hard to be anonymous on the Internet.

  17. Pamplemousse says:

    What a shame.

  18. pakoito says:

    “The man” arrested and publicly humiliated three guys in Spain for having IRC server nodes that were somehow used by Anon. They called them “top part of the Anon structure” and “responisble for hacking the pages of PSN, banks and gobernments like Libya, Syria, Pakistan…” and the kicker was relating them to Basque independentist terrorist group. Everyone on the internet lulz at the misinformation, but most of the population straightly believed it.

    Then you see the lulzsec actions unpunished.

    • Tei says:

      Can we agree that Anonymous is bad? please?. People motivated by the LULZ is not your friend, and will backstab you the moment doing so looks funny. Also his methods are useless or counter-effective.
      People like Anonymous and people like FoxNews or Interconomia are like images of a mirror, jerks that like publicity and jerkes that love publicity. Thei deserve each another, you and me deserve something better.

    • pakoito says:

      I kind of agree to that (and I’ve been called counterrevolutionary for thet), but those three guys are mere scapegoats.

    • MikoSquiz says:

      Agreeing that Anonymous is bad is like agreeing that Italians are bad, or maybe that tall people are bad. Anonymous is the loosest grouping of people possible, and most Anonymi have nothing in common. As a rule, the ones who picket Scientology Centers aren’t the same ones that harass schoolchildren on the Internet, and those aren’t the same ones that track down child pornographers and report them to the cops, and those aren’t the same ones that trade lolicon manga on the image boards. Except when they are.

    • Tei says:

      @MikoSquiz People sould use a different flag than anonymous if have a different attitude, because the flag of anonymous is vandalism. Also… well.. I am a very strong supporter of anonymity, but theres a lot of things that can be defended withouth a mask.

    • thinsoldier says:

      @Tei If vandalism is hacking child slave traffickers computers to gather evidence and annoying Scientologists I’m all for it.

  19. Dahlius says:

    At least they have a good sense of humor, I’d even go as far as demanding a sequel to DCotE, but then again, that’s about as likely to happen as the next Call Of Duty getting canceled.

  20. Kollega says:

    Alright, this is getting ridiculous. So far, those douchebags with no motivations beyond ruining everyone’s shit haven’t done much that would enrage me personally, but they still seem like a bunch of incredibly unpleasant individuals who now jumped from simply stealing the data to actively blackmailing the game companies. I’m sure i will not cheer for them… and i think very few people would.

    I just hope that game companies take a lesson out of this and crank up their security up to eleven. Busting some of those “lulzers” and subjecting them to the songs of *insert a performer you dislike here* untill they cry for mercy would also be pretty nice.

    • Leo says:

      “It’s Friday, Friday
      Gotta get down on Friday
      Everybody’s lookin’ forward to the weekend, weekend
      Friday, Friday …..”

      BARF…oh god…oh god it burns..
      Sorry folks I started copy pasting this into the reply box and instantly threw up all over myself. Puddles upon puddles…

  21. Zorganist says:

    So instead of Anonymous acting in the name of some vague, anarchic, disorganised agenda, it’s just a bunch of twats being twats?

    With Anonyomous, you at least get the sense that the ‘doing it for the lulz’ motto is ironic. LulzSec just sound like dicks.

  22. Lobotomist says:

    So, some are still on their side.

    Sony , Codemasters , Epic Games , Gmail , Betasheda , World Monetary Foundation … and many unreported incidents.

    Targeted with moral purpose , or blindly shooting at all directions (and inventing matching story when they manage to break in)
    And, yes … they do it all for fun. They will not sell or use valuable stolen information.
    Yeah right.

    But
    Arrests in Spain lead to arrests in Turkey.
    These guys are good when hiding behind computer firewalls. But I can picture them shitting their pants and admitting everything when they are in interrogation room with a brute policeman.

    Let them LULZ to that.

    • Helloes says:

      Encouraging police brutality because they embarrassed your favourite game developers, and exposed their shit security. Nice.

      I think what we should take away from all this isn’t that the guys doing it are assholes, that is irrelevant. What we should take away is that a lot of corporations honestly doesn’t seem to care about securing our personal information, or their own for that matter and totally relies on blind faith in that they won’t be targeted. How many corporations have been infiltrated that we haven’t heard of? Either because they don’t want to lose respect/have their stocks go down or because they just don’t actually know they’ve been compromised?

      The really sad part about this is that those in charge won’t respond reasonably, they’ll go on and on about terrorism and then crack down on net-freedom, rather than you know, securing their shit like they are supposed to – and this won’t accomplish anything other than be a royal pain in the ass for everyone except the guys responsible for these attacks, who will be able to continue just like before because they operate outside the normal internet. It’s going to be the Patriot Act or DRM all over again, and we’re just going to go along with it because of how inconvenient it is to have our PS3 unavailable for a month.

    • Lobotomist says:

      I had account at Sony and Codemasters.

      So it was attack against me. What did I do to them ?

      I see it not much different than a guy that attacked me on a street for no reason. And that guy would go to jail and be harassed by police.

      And justice should be equal for all. Dont you agree

    • MiniMatt says:

      @Helloes – exactly, they’re ass-hats but there will always be ass-hats. The world has had burglars for as long as civilization has existed, burglars are ass-hats. But society has developed both a proportionate response (by and large, not counting hand chopping mutilating dictatorships) as punishment, and targets have developed well rounded, pragmatic, means to protect their interests (and the interests of their clients).

      If someone burgles a bank and steals the contents of all the safety deposit boxes, that burglar is still a complete bar-steward. However, if the bank used the equivilant of a £2.99 tesco-value padlock on their front doors then I want to make sure I don’t use that bank in future.

    • Sheng-ji says:

      What if your bank used a state of the art, sophisticated modern security system, but someone sold the ass-hat a tool to neutralize it – Could your bank have done any more except magically know someone had targeted their system to create such a tool?

  23. RickyButler says:

    hello i am a hacker i browse 4chan and have an inhumane sense of self entitlement~~~

  24. Fishbro says:

    Kinda hating on all the hacking going on right now, I don’t see why people want to do this. What is funny about leaking personal information and trying to hold a company to ransom?

    At least Anonymous have a code, however perverted it may be, but Lulzboat are just dicks to the industry and the community they say they serve.

  25. Bodminzer says:

    Doesn’t using their logo/imagery glorify them a little bit? I’m not so dense as to think that that was your intention, but yeah, it does play to them a little bit.

    • ArthurBarnhouse says:

      By that logic even mentioning the hack is glorifying them.

  26. Tei says:

    I disaprove this type of attacks, based on two points:
    - Are too easy. It only taking a search in google for “vBullleting 2.4.1 exploits” … any script kiddie can hack that way.
    - It disrupt community sites, that make more expensive to mantain these sistes, and that may result on these sites closing. So it can be result in a lost of freedom of expression.

  27. vandinz says:

    Attacking large corparations is one thing. Fuckin’ up the average gamer is just going to alienate them. Not that they care by the looks of it. Dicks.

  28. Raiyan 1.0 says:

    Why do LulzSec do this?

    Because some people just like to watch the world burn.

    It would be lovely if AnonOps fucks up LulzSec’s servers or something. Anon’s reputation as an internet vigilante will be sealed.

    Edit: Damn you ninja!

  29. Dana says:

    Its just a matter of time till all the world agencies will gang up on them. We just need to bait them to hack FSB pages, and they probably wont live to see another month.

  30. thegooseking says:

    Bethesda should cave and give a special top hat as well as some other bonus content for Skyrim exclusively to LulzSec.

    That “other bonus content”, of course, being to replace the entire game with an endlessly repeating version of that tedious dialogue approval minigame.

    And why would Bethesda do this? For the lulz, of course.

    • Tei says:

      Theres nothing bad in wearing a top hat and a monocle. I do every time I have to post something that I know is epic and controversial.

  31. Pointless Puppies says:

    This suddenly makes the ire toward PSN all the sillier.

    I always maintained that ANYTHING can be hacked if people actually want to hack it. But nope, everyone kept INSISTING PSN had terrible security by some arbitrary measure simply because of the fact that they, indeed, had been hacked.

    I guess Epic, Nintendo, Bethesda, Citigroup, and Codemasters all had “inexcusably horrendous” security as well. Where’s the irrational ire toward those groups now?

    • DrazharLn says:

      They did and do have bad security. Furthermore they require that they hold lots of your personal data and then tend to store it insecurely (i.e. not encrypted or hashed).

      Network security the world over is a joke.

  32. Lobotomist says:

    To all of you claiming Anonymous have a greater agenda , how do you justify this :

    “assaulted an epilepsy support forum run by the Epilepsy Foundation of America.[55] JavaScript code and flashing computer animations were posted with the intention of triggering migraine headaches and seizures in photosensitive and pattern-sensitive epileptics.”

    LULZ , huh ?

    You know how pleasant is to have epileptic seizure ?
    Not mentioning , serious cases can even die from it.

    Or this
    “On May 20, 2009, members of Anonymous uploaded numerous pornographic videos onto YouTube.[65] Many of these videos were disguised as children’s videos or family friendly videos with tags such as “Jonas brothers.”

    LULZ. Yep. Wait for your 8 year old kid watching that. And laugh.

    As I said.
    Just Internet bullying. Not unlike Griefing in games.

    I have absolutely no compassion for them.

    • Raiyan 1.0 says:

      I would honestly say Anon cleaned up their act. For all their claims of not having a leader, AnonOps actually did create a hierarchy and brought some adherence to some ideals. They haven’t been up to anything undeniably cunty in the last two years. Instead, they have rallied for WikiLeaks, exposed evidence of the American government trying to suppress freedom of speech (HBGary fiasco involving Glenn Greenwald), supported Iranian revolutions, fought against Spanish corruption, refused to take on the Westboro Baptist Church, stopped their PSN hack the moment users started to be affected… the list goes on.

      4chan=/=AnonOps

    • Nighthood says:

      You just don’t get it, do you?

      I’ll spell it out for you: Anonymous is ANYONE. ANYONE AT ALL. It’s not a group. “Lulzsec” is a group, Anonymous is anyone who fancies a go. Some of them are dicks, some of them are decent, some are conservatives, some are socialists, some are anarchists, whatever. They’re not a group though.

    • Raiyan 1.0 says:

      You missed the part where I said that Anon is no longer the leaderless amorphous entity they always claimed to be. AnonOps have clearly created a hierarchy, and any plans for attack has to go through the community. I actually remember visiting a San Diego Anon site, where one guy popped up with the idea of attacking WBC, but the rest of them beat him down saying Anon is not his personal army. Which is precisely the reason why the Ryan fellow – who wanted to carry on with the attack on PSN but the rest of the Anons wouldn’t let him – decided to hack Anon’s own servers and take ‘em over for his own operations.
      And yeah, you can claim that anyone can be Anon and attack on their behalf… but if they’re not adhering to the rules Anon set, they’re not certainly attacking on behalf of Anon. Sure, I can claim to be a hardcore liberal – but if I end up voting for Sarah Palin and go anti-abortion, my claims would be on shaky grounds.

    • Premium User Badge

      Stellar Duck says:

      Meh, the epilepsy thing is a bit of a dick move.

      The pron stunt on the other hand is pure gold.

      Who in their right mind would let their kid run free on the internet? And on Youtube of all places. I’d consider the comments section of that site a bigger threat to the fragile kiddies that some boobs can ever be. And of course some of the regular videos as well. I’m fairly sure that I’ve seen quite a bit of racism, bigotry and what not on there over the years. Pron pales in comparison to that.

    • Sheng-ji says:

      When you have kids, come back and re-read what you wrote. If you don’t think past you was a twunt, you are a poor parent

    • Premium User Badge

      Stellar Duck says:

      Past me is generally a fool, but in this case I hope I don’t change my mind. Hell, at 29 I’ve thought about this before. I don’t see a problem.

      I would be a bad parent if I let my kids free on the tubes. Surprise porn is harmless and aside from that, I fully expect my kids to ignore me and look into it no matter what i say.

      Finding that porn is rather harmless in the grand scheme of things strikes me as sensible.

  33. Freud says:

    What is scary is I can’t even tell if I have given them my e-mail or not. The number of companies that try to force us into their ‘communities’ just to play single player games is already too big and there is no sign of it stopping.

    • Cooper says:

      This.

      Many online organisations now collect all sorts of info about you by default, for no benefit for the customer (and even mroe often now to use to tailor their advertising and get more monies)

    • Ogun says:

      Aye, this.

      One of the things that gets under my skin about companies wanting information from their customers is knowing that that they’re probably going to give it to a third party or leave it on the windowsill for anyone to steal. There should be some sort of minimum standard for security if you’re going to store customer data.

  34. Daniel Rivas says:

    Twats. Cunts.

    Twunts?

  35. Chuffy says:

    These hackers are awesome. What they are doing is worthwhile and relevant. And their personal hygiene is beyond reproach.

    Now re-read in the most sarcastic voice you can imagine.

    • Laephis says:

      So, instead of group of attention-whore idiots hacking these companies and making big announcements about it, you’d rather these security exploits go unspoken while a more sophisticated group steals your personal information and sells it to the highest bidder?

      Talk about shortsighted ignorance.

      How about we all sit up and take notice that network security on the Internet these days is horrible. Maybe it’s time companies started taking it seriously?

    • Chuffy says:

      For every attention-whore-hacker out there there are hundreds more staying off the radar and not making a song and dance about it.

      Let’s not pretend for one minute these are the Robin Hoods of this world. They are sad low lifes, plain and simple.

  36. Soon says:

    Did you catch the article claiming 25% of US hackers are FBI informers. We’ll see.

  37. nootron says:

    God I hate these people. its not the hacking. Its the arrogance.

    • sinister agent says:

      I for one wouldn’t mind the arrogance if what they were doing was in any way impressive.

  38. Cooper says:

    Why the hate for LulzSec?

    “They did it because they could” is the pertinent point here.

    -They SHOULD NOT have been able to-

    Sony, Epic, Bethesda, Nintendo, Codies (etc.) should have, could have, stopped them. They didn’t.

    If you give someone your details, you should trust them to keep them safe, or only give them details about you you don’t mind being public.

    The internet in “We can’t trust large profit-making companies” shock realisation.

    Turn your ire where it belongs; to those organisations who didn’t take the safety of your customer information seriosuly enough.

    • DrazharLn says:

      Yes, the victims here are the consumers and the guilty ones are those who were criminally incompetent in protecting the data they were trusted with and their network security.

      Sony BMG websites all over the world were broken using SQL injection, for athie’s sake! For those that don’t know, SQL injection is an incredibly well known vector of attack for which there is an equally well known and incredibly easy defence.

    • Teddy Leach says:

      A large part of the hatred is that personal details are being leaked in enormous lists onto the internet.

    • StevoIRL says:

      That’s a awful dumb logic.

      So i could smash your front window of your house climb in rob everything that isn’t bolted down then ring you up and say “Ah you can’t say anything because you SHOULD have had a house that had iron windows to keep safe your valuables consider this a lesson. “

    • DrazharLn says:

      No, your analogy is wrong. Say I go to a lawyer or a financial advisor for a service and they require my details, like my name, address, and bank details.

      If the lawyer then loses these documents because they’re stored insecurely (in meatspace because they’re not at a secure site in a locked room, in cyberspace because they’re not encrypted or hashed on a secure server) then the lawyer is the one who has shown criminal negligence by failing to keep my documents safe.

      Hashing passwords is extremely cheap (the knowledge of how to do it is free and so are the tools) and easy to apply. Encryption and basic network security is also easy. You can’t protect against 0day attacks (unpatched and unknown vulnerabilities in your software), but you can perform basic due process and mitigate the damage of an attack.

      I hope this has helped your understanding of the situation.

    • Teddy Leach says:

      Could we just stop arguing and agree that both parties are to blame?

    • lokimotive says:

      Just because people can do something doesn’t mean they should do something. Some people need a sense of propriety.

    • Sheng-ji says:

      I own an air pistol.

      I can walk into any corner store in the country, wave it about a bit and take some spare change. For the Lulz or whatever.

      Doesn’t make it impressive, right or in any way a civilized way to behave.

      These people (hackers in general) need to be put into prison for their actions.

    • Cooper says:

      Shooting people, robbing houses or stores are just silly analogies.

      Let’s put it this way: If a bank gets raided because they leave the backdoor unlocked overnight, and you lose what’s in your safety deposit box. Would you not be angry at the bank? Demand compensation from them?

  39. DrazharLn says:

    LulzSec are publishing these exploits because they can (and it’s nice to see another person understand their motives correctly), but what makes any of you think that other hackers couldn’t do this? Other hackers with darker motives.

    Bethesda have had at least 2 days notice that they’ve been compromised, they should have notified their users of a probable security breach and told them all to change their passwords on any other services if they use their Bethesda passwords on those services. In my eyes, Bethesda are more at fault than LulzSec.

    LulzSec aren’t particularly pleasant but they’ve given plenty of warning of the attack and they’re doing more to raise awareness of computer security than anyone else I know of.

    Finally, releasing the user data etc does seem like a dick move, but it gains LulzSec notoriety and credibility. If I were doing the hack I’d be more selective, only releasing a limited number of passwords or something to restrict damage to innocent consumers, but really LulzSec aren’t being evil, just antisocial and perhaps pyschopathic. Bethesda, by contrast, are being ridiculously stupid.

    • Cooper says:

      This also.

      At least some Russian kid is not making the dollarz from flogging your emails to spammers

    • StevoIRL says:

      Im going to burn your house down and tell you it’s okay because really has the person responsible for the house you should of built it out of non flammable materials but hey don’t worry think if someone did this with the intention to kill you!

    • Outsider says:

      I will shoot you. That is ok, because it is your fault for not wearing a bullet proof vest. I am not to blame here, your utter lack of preparedness is.

    • DrazharLn says:

      StevoIRL and Outsider,

      I believe your analogies are wrong. First, it is not the individual who is at fault here, but an organization charged with the protection of your data. Secondly, the tools to defend yourself from attack are free and extremely well understood. Thirdly, the expertise required to use these tools is widely available and fairly cheap (if you don’t want to learn yourself).

      I also posted a more suitable analogy here.

    • The Great Wayne says:

      You want to know what’s my opinion about stupid analogies ?

      Hmm, well, the answer is in the question (and no, it wasn’t directed at you, drazhar).

    • Outsider says:

      Companies can and should be held liable for not properly securing information, however, it is interesting to note the pardon you give the individuals who are stealing sensitive information. I’m told, they’re “raising awareness” whereas the company they stole from is negligent.

      The people who stole information are more at fault than those who failed to protect against it. Seeing it in reverse is very strange indeed.

    • Outsider says:

      You want to know what’s my opinion about stupid analogies ?

      No.

    • Recidivist says:

      Blah not meant to be a reply :< *SNIP*

    • Sheng-ji says:

      Wrong. They are anti social. By taking my personal data, controlling it on their computers, they are effectively invading my privacy. I hope they go to prison.

      Maybe it’s you who doesn’t get it. What they have done is no different to me picking the lock to your house, rifling through your wank mags and threatening to show them to your mum if you don’t do something to make me laugh.

      But it’s your fault for installing a yale lock, I mean LULZ everyone knows how to pick a yale lock hahahaha.

    • foop says:

      The analogies to breaking into your house are wide of the mark. A better analogy would be breaking into a bank or safety deposit box company that you use.

      A failure in your house security is your fault. But when you use a bank or other company you are relying on their security, and they have a duty to you to ensure that it is adequate. With a bank, to an extent, you can check that they have adequate security. On the internet, there’s little you can do but trust the company when (or if) they promise to look after your data.

      That’s not to say that Lulzsec aren’t a bunch of arseholes but, Jesus Christ, internet companies – how about not having internet-facing systems riddled with insecurity and tempting chains of authorisation spreading into the guts of the organisation. You only have to look at the RSA security breach to see how companies that should know better are hideously vulnerable.

    • thinsoldier says:

      @StevoIRL But lulzsec didn’t hack “my house”.

      They hacked Sony’s house.

      Sony should have been a fortress, they can afford to build fortresses.

      They make millions or billions of dollars every year, why wasn’t our data in a fortified server?

  40. Text_Fish says:

    Lame.

  41. Mark says:

    “Because some men aren’t looking for anything logical, like money. They can’t be bought, bullied, reasoned or negotiated with…”

    Yup, they’re assholes. However, Bethesda should be the one to take responsibility for letting this personal data fall into the wrong hands. These companies need to step up to their legal obligation of protecting their customers’ information.

  42. Lobotomist says:

    One more thing.

    Apparently all this crap is happening because there was a new security hole / vulnerability identified. Around 2 months ago. In mean time there is no fix. And all these hackers are jumping on the opportunity as flies on the shit.

    Bravo!

    One thing in their defense , perhaps.

    Anon and Lulz talk about it openly.
    Just think how many hacks happened lately , done by shadier organisations

  43. ReV_VAdAUL says:

    Cooper and DrazharLn make some excellent points. All this absurd posturing about how you’d like to beat them up or seem them shit their pants on trial is just sad. They are announcing hacks that may well have been undetectable and are giving concrete reasons for companies to make your data more secure.

    It would seem all the polite and confidential advice about security problems by white hat hackers haven’t solved some rather glaring errors. If an old timey bank vault was really easy to break into would it be sensible to blame people taking advantage of that or to get mad at the bank for having security that is too weak?

    • Outsider says:

      They are announcing hacks that may well have been undetectable and are giving concrete reasons for companies to make your data more secure.

      Yes, just as pirates have given games developers many reasons to make our games more secure. DRM has been such a joy.

      Also, we should thank terrorists for making flying more secure. They’ve exposed so many weakensses in our system, so now I’m more than happy to have to throw away toothpaste and take off shoes to get on a plane.

    • DrazharLn says:

      DRM is a deeply flawed system that does not prevent piracy, so that’s not an appropriate comparison.

      Airport security is also deeply flawed and does not prevent a whole host of possible attacks (I can think of three unprotected ways of getting weapons onto a plane off the top of my head, and the passengers won’t be able to stop me because they won’t be armed).

      Data security, however, is incredibly easy to implement and does not have to make the user’s experience more awkward at all.

    • mulberry says:

      invoking 9/11 to apologize for shitty net security is pretty cute

    • Outsider says:

      DRM is a deeply flawed system that does not prevent piracy, so that’s not an appropriate comparison.

      Whether or not it is deeply flawed is irrelevent to one of the primary reasons it was introduced.

      Airport security is also deeply flawed and does not prevent a whole host of possible attacks (I can think of three unprotected ways of getting weapons onto a plane off the top of my head, and the passengers won’t be able to stop me because they won’t be armed).

      Also irrelevent. Greater security measures were introduced to stop more attacks and have increased the burden on the consumer. That is the point you missed.

      Data security, however, is incredibly easy to implement and does not have to make the user’s experience more awkward at all.

      It is comforting to know that you think so.

    • Outsider says:

      invoking 9/11 to apologize for shitty net security is pretty cute

      You’ve deliberately misunderstood.

    • DrazharLn says:

      Outsider, I believe that DRM and heightened airport security were introduced on the false premises that DRM would prevent piracy and increase sales and that airport security would prevent attacks. Wheras I believe data security is a correct and appropriate response to the problem of 0day attacks and network intrusion.

      Hence my argument that data security is not directly comparable to the others. I appreciate that you may not agree with me.

      mulberry, as Outsider says, you have deliberately misunderstood me.

    • Outsider says:

      Wheras I believe data security is a correct and appropriate response to the problem of 0day attacks and network intrusion.

      Hence my argument that data security is not directly comparable to the others. I appreciate that you may not agree with me.

      Data security is as broad a term as “airport security”. Why I highlighted the above two examples is not to laud their supposed effectiveness, but to underscore how attacking a system can cause misery to the end-user when the managing authorities become overly protective in repsonse.

      You may think increased data security will be be painless and ulta-efficient, but we can all point to circumstances where it has only made life more complicated and less enjoyable, which is why I’m perhaps less than optimistic about all of this.

      These hacks are malicious, illegal and potentially harmful to us … which is why I take issue with the defense of them. That does not mean I hold Bethesda blameless or that I think companies shouldn’t improve security standards.

  44. Kadayi says:

    With all the evil and dodgy assholes out in the world (pedophiles, Newscorp, Fifa) just waiting to be exposed you’d think there would be more legitimate targets out there than games companies and their player bases tbh.

    • Dances to Podcasts says:

      Do you have any idea how many people I’ve slaughtered over the years?

  45. Justin Keverne says:

    Where’s SHODAN when you need her?

  46. Drake Sigar says:

    Ok, that’s it, from now on I think you should report on who HASN’T been hacked. It’ll be faster.

  47. geldonyetich says:

    The say necessity is the mother of invention, and if companies are going to continue to be hacked enmasse by bored youth culture, web 1.0 may well be forced to finally upgrade to a version that enforces a great deal more accountability from its users.

  48. Kittim says:

    Seems to be some problems with Steam too:

    http://store.steampowered.com/stats/

    Hope they are not getting hacked :(

  49. Ginga121 says:

    I really hate these lowlife losers… i would love to lock them in a cell with no electricity for the rest of their lives.

  50. yhalothar says:

    I’m a Brink player, but I don’t mind lulzsec one bit. These things happen with or without this particular group, only lulzsec takes the time to actually tell the users to change their passwords beforehand ;p

    They are needed, IMO, to whip data processors into shape and make then use/enforce better security practices. If lulzsec could get in, then how may other people could? How many did?