Square-Enix hacked

[viion]

Why people are talking about security tokens in this thread is beyond me. If you hacked into the server, your dongle is as useless as a slang dongle..

[Fiosha_Maureiba]

Why people are talking about security tokens in this thread is beyond me. If you hacked into the server, your dongle is as useless as a slang dongle..

In terms of logging into an SE account and hijacking a character (deletion, selling everything they own and trading the gil to third-party, etc.)

[viion]

In terms of logging into an SE account and hijacking a character (deletion, selling everything they own and trading the gil to third-party, etc.)

But if I hacked the account server, I would just edit the database to have no SE token linked, so I wouldnt need your token, or care, because i just directly removed it..... See what I mean?

Then I edit your password to 123456789, login, have fun.

Its like trying to laugh at a burglar because he broke into your house through the window, but doesnt have the keys so he cant do anything when hes in there........

[Fiosha_Maureiba]

But if I hacked the account server, I would just edit the database to have no SE token linked, so I wouldnt need your token, or care, because i just directly removed it..... See what I mean?

Then I edit your password to 123456789, login, have fun.

Its like trying to laugh at a burglar because he broke into your house through the window, but doesnt have the keys so he cant do anything when hes in there........

Ah! I see your point. Although if they get that far, then stealing a character account would seem like the least of their worries.

On the Sony situation, I didn't think they got to the credit cards. But they did get to all the passwords that were stored in plain text instead of being encrypted.

[Antipika]

Why people are talking about security tokens in this thread is beyond me. If you hacked into the server, your dongle is as useless as a slang dongle..

And how?

The Square Enix Account management system is completely different from the Square Enix MEMBERS site.

Now even if the Square Enix Account management system was hacked, off course token would be useless, but all the damn Square Enix services would be suspended anyway, so it's not like you would be even able to log on in the first place.

Customers are in a better stance if EVERYONE is "compromised", because SE would simply fix the hole, re-issue a password to everyone (or have them confirm their ID by contacting the Support Center or w/e), rollback characters data if character data were affected. And beside service suspension for couple of days (weeks at worse), there wouldn't be much damage to individuals.

Payment information, passwords, and such are (supposed) to be encrypted.

My company actually has a finger print scanner lol, so they're made, I don't think they're for retail use yet though.

Biometry been used for a while, even for the average end-user. Fingerprint reader have been implemented on laptops, USB drives or available as external devices for over 10 years. And it never was expensive for the most basic ones ($40-50).

[viion]

Now even if the Square Enix Account management system was hacked, off course token would be useless, but all the damn Square Enix services would be suspended anyway, so it's not like you would be even able to log on in the first place.

If they catch it in time, which is unlikely. It would surprise you how long hackers stay on systems before they get shut-out.

[Antipika]

If they catch it in time, which is unlikely. It would surprise you how long hackers stay on systems before they get shut-out.

Come on, it's not like SE are the best, but still they aren't that bad, and due to the company nature (international, running 24/7 content across 3 regions), they do have a 24/7 NOC team, so such incident would be discovered rather quickly.

It's not like it would take long do dump the XIV customer database anyway. Not 10 millions customers in there :]

[viion]

Come on, it's not like SE are the best, but still they aren't that bad, and due to the company nature (international, running 24/7 content across 3 regions), they do have a 24/7 NOC team, so such incident would be discovered rather quickly.

It's not like it would take long do dump the XIV customer database anyway. Not 10 millions customers in there :]

Im not saying SE are bad, im just saying there isnt eyes on every server 24/7, look at Sony, you think all that info was downloaded within a second? I doubt it anyway.

They cant just go "oh shit i think someone hacking, flick switch", it has protocol, a process to follow, a small temp investigation, requests from higher up people, and so on XD

By then I be in your character stealing all your shards!!!! mwuahahah