Hackers Attack Nintendo, But Company Claims Data Safe

← Back to Stories (view on slashdot.org)

Hackers Attack Nintendo, But Company Claims Data Safe

Posted by timothy on Sunday June 5, 2011 @07:46AM from the 15-minutes-of-fame dept.

Dr Herbert West writes with this from the Wall Street Journal: "Nintendo said Sunday that a server for its US unit's website had been hacked into but that no company or customer information was compromised. The hacker group Lulzsec, which allegedly was behind other breaches of Sony websites earlier this week, claimed responsibility. Lulzsec posted a server configuration file as proof of its involvement yet said it wasn't targeting Nintendo. 'We just got a config file and made it clear that we didn't mean any harm,' the group said this morning via its Twitter.' Nintendo had already fixed it anyway. The attack comes as Nintendo this week launches its new online service for its 3DS hand-held game machine."

28 of 159 comments (clear)

Min score:

Reason:

Sort:

Data is safe because... by Anonymous Coward · 2011-06-05 07:51 · Score: 5, Insightful

The data is safe because they make you put in your CC info every time you make a purchase, instead of storing the data. This is something that people whine about and say Nintendo is being too cautious about every time they talk about the Wii Shop Channel. Still whining, trolls?
Also, if LulzSec doesn't get taken out soon, I'm fucking gonna find one of them and shit on their head. This is getting ridiculous.
1. Re:Data is safe because... by Anonymous Coward · 2011-06-05 08:08 · Score: 2, Insightful
  
  Not only that, but there's no online accounts to access because Nintendo wisely uses only consoles and friend codes. Nintendo actually cares about their customers' privacy. There's basically no data to hack from Nintendo.
  Whereas Sony requires you to enter your life's story to use a fucking online service, Nintendo just gives you a short number. You give it to your friends. No accounts to create, no privacy to lose. It's simple, it's easy, it's private, and it's secure.
  I have to say, this is the first time the news of LulzSec hacking has actually made me mad. Everything else they've done could be argued to be altruistic, but this is just pointlessly lashing out at anyone they find. I can't think of anything Nintendo has ever done to justify this.
2. Re:Data is safe because... by artor3 · 2011-06-05 08:30 · Score: 5, Insightful
  
  Attacking PBS is altruistic? Is Big Bird really that much of a dick?
3. Re:Data is safe because... by node+3 · 2011-06-05 08:45 · Score: 5, Insightful
  
  This whole thread is so full of troll...
  "The data is safe because Nintendo doesn't provide the same level of service as Sony", is somehow turned into "the data is safe because Sony is a bad company and Nintendo is good".
  One of the really funny things about defending the way Nintendo does it is that if you buy a new console, you can't even redownload your purchases. With Sony, you just log in with your PSN ID, and download away! Isn't that usually the argument against online purchases? That you have to re-buy everything? Yet since Sony is the one doing it right, you guys find no trouble contorting yourself to make it look like it's the other way around.
  And this is clearly an attempt by LulzSec to make Nintendo look good and Sony look bad, by the very same double-standard. They say they didn't want to hurt Nintendo. But they clearly wanted to hurt Sony. So they tried to hurt Sony, but didn't try to hurt Nintendo, but the headline reads as though Nintendo was hacked, but their security kept customer data safe, when reality is that there was no customer data to steal, and LulzSec didn't seem interested in doing any damage other than to prove they were there.
  As a company, I like Nintendo much more than Sony, but I'm not going to let that get in the way of reality. In terms of online offerings and capabilities, Sony is way ahead of Nintendo. Spinning this as a good thing is just absurd.
4. Re:Data is safe because... by ninetyninebottles · 2011-06-05 09:04 · Score: 2
  
  I can't think of anything Nintendo has ever done to justify this.
  Nintendo consoles are made by Foxconn in China and Nintendo does not release any public information about how or if they assure that human rights abuses are not taking place. Do they use underage workers, workers forced to work unacceptably long hours, and workers forced to work in dangerous conditions? Maybe, probably, but we sure don't know and Nintendo isn't performing and publishing audits of third world manufacturing facilities and telling us when they stop doing business because of abuses (as a very few companies have). Nintendo devices use minerals mined by slave labor in Africa. Nintendo arguably has serious problems with toxic chemicals from their discarded devices and manufacturing processes polluting the environment.
  All of the above are reasons why someone might be upset with Nintendo and think they need to pressure them to make changes. I'm not saying those are the reasons, but then, maybe you should not assume Nintendo has done no wrong unless you research a bit.
5. Re:Data is safe because... by trytoguess · 2011-06-05 09:15 · Score: 4, Interesting
  
  I saw the alleged "anti freedom propaganda." The worst thing you could say about that Frontline episode is that they asked hard questions, and didn't portray the people in the episode as automatic heroes. What propaganda was in that show exactly?
6. Re:Data is safe because... by Plombo · 2011-06-05 09:15 · Score: 2
  
  One of the really funny things about defending the way Nintendo does it is that if you buy a new console, you can't even redownload your purchases
  
  Yes, you can. You connect your Nintendo account to your Wii, and when you get a different Wii you connect it to the same Nintendo account.
7. Re:Data is safe because... by Darkness404 · 2011-06-05 09:25 · Score: 2
  
  Yes, these abuses are bad, but what would the alternative be? Massive poverty and unemployment. The problem isn't Nintendo, but is rooted in the Chinese government and the Chinese culture. Without large companies like Foxconn, the alternative most likely wouldn't be a higher standard of living, but instead would be more agricultural work, which is often more dangerous and almost always pays lower than factory work.
  
  --
  Taxation is legalized theft, no more, no less.
8. Re:Data is safe because... by Darkness404 · 2011-06-05 09:36 · Score: 4, Insightful
  
  One of the really funny things about defending the way Nintendo does it is that if you buy a new console, you can't even redownload your purchases
  
  Call up Nintendo's tech support and you can transfer games if your other console breaks.
  
  When it comes to Nintendo's DS line, nearly all DSi games can be transfered to the 3DS, with the exception of 11 games that either are getting re-made to take advantage of the new hardware (flipnote studio), had security flaws (sodoku) or had complex licensing (oregon trail).
  
  And I have no doubt that when Project Cafe is released, the same thing will work with Wii Ware and Virtual Console titles.
  
  The difference isn't really a technical thing, but the way that Nintendo and Sony/Microsoft look at consoles. Nintendo views consoles as something where (except in rare cases where one breaks) you really only buy one until they release the new version.
  
  On the other hand, Sony/Microsoft view consoles as something to upgrade midway through the lifecycle (the new slim models of the PlayStation line, the new version of the Xbox). So it makes sense that Sony/MS makes it more straightforward to redownload things because they expect a large segment of their gamers to get the new console when it launches.
  
  --
  Taxation is legalized theft, no more, no less.
9. Re:Data is safe because... by pandrijeczko · 2011-06-05 10:08 · Score: 2
  
  Also, if LulzSec doesn't get taken out soon, I'm fucking gonna find one of them and shit on their head. This is getting ridiculous.
  Okay, I'll take a guess here and say you're a disgruntled PS3 user who's angry at not being able to get onto the PSN for over a month - and, quite frankly, if you're not getting a service you've paid for, you've every right to be hacked off about it. If you're not, then I apologise in advance.
  Furthermore, I work in system security and whilst I'm grateful to hackers for creating a need for my job, I don't admire them for stealing stuff - sure, breaking into a system quietly without doing any harm and letting your victim know how you got in without going public perhaps has some genuinely altruistic motive but that's the extent of what defines a "good" hacker.
  But you also need to think about this also. Why did Sony have absolutely no resilience in place such that the PS3 community only suffered, say, 24 hours of outage while they switched in backup systems, rather than a whole month? If customer data records have been stolen then once Sony have let their customers know it's happened, all they can really do is stop it happening again.
  In which case, Sony's prime focus should have been to get their customers back online as quickly as possible, even if it meant that they just sent every user an email with a temporary password to a backup set of servers that at least gave them PSN access whilst they sorted the core security issues out.
  I can tell you know with my knowledge of the security industry that every major company, particularly those perceived by some as "evil", is constantly under cyberattacks from Internet Robin Hoods who believe they will be doing the world a favour if they take those companies down - the fact is that those same companies don't reveal those attacks are happening because it's bad for business. The only time they WILL reveal attacks is when they have to let their customers know to take some action because their data has been stolen.
  What I am actually saying here is that if you are one of these companies then if you are carefully watching those constant attacks on your systems, you are going to see an increase in activity when you make some announcement in the press, especially if it's one that's not popular. That's your warning that it's time to put some kind of resilience solution or failover process in place because the more you are repelling attacks on your systems, the more likely it is that one will actually get through and do some damage - hell, if you've any common sense, you'll predict this anyway and already have something in place *BEFORE* you make the unpopular announcement.
  So what you really should be asking yourself is why, on the basis that in all likelihood Sony had plenty of warnings that such an attack would succeed, they did not put in place some contingency plans to, at best, stop the data being stolen in the first place or, at least, putting some backup systems in place to ensure some degree of service continuity when the attack finally occurred?
  The fact is that they choose to take your personal data as part of their requirements of doing business with you, they therefore have the responsibility of ensuring the security protection of that data. And since they clearly haven't done that in this instance, despite having plenty of warning, what you and all the PS3 community should be doing is asking yourselves, and Sony, what it is you are actually paying your high monthly subscription fees for.
  
  --
  Gentoo Linux - another day, another USE flag.
10. Re:Data is safe because... by Anonymous Coward · 2011-06-05 11:26 · Score: 2, Insightful
  
  Suggesting that any perspective is the one true way to see something, and denying any other possibility as you do, really makes it sound as though you are the one who has been indoctrinated. You may want to rethink your presentation.
The hackers made it off with by Anonymous Coward · 2011-06-05 07:51 · Score: 3, Funny

Over 1,000,000 gold coins and several thousand mushrooms.
1. Re:The hackers made it off with by JockTroll · 2011-06-05 08:01 · Score: 4, Funny
  
  However, the data was in another castle.
  
  --
  Geeks are so full of shit that "beating the crap out of them" takes a whole new meaning.
sure you did. by ubergamer1337 · 2011-06-05 07:52 · Score: 5, Insightful

"We just got a config file and made it clear that we didn't mean any harm" - AKA they were unable to get to any meaty stuff, and now claim altruism rather than failure.
Are they still using OSX Server? by atari2600a · 2011-06-05 07:57 · Score: 2

I once found out by chance & server fault they where using it when I was like 12 or something, & back then OS X was still a 'thing'. Since they've gone through at least 2 major web design revisions...
The Nintendo castle is contantly being broken into by rishistar · 2011-06-05 08:00 · Score: 3, Funny

..by Bowser but Mario always gets the data back.

--
Professor Karmadillo Songs of Science
Re:Poor web security five to ten years ago. by ZackSchil · 2011-06-05 08:10 · Score: 4, Informative

That's their PR service for magazines and such. They keep it behind a password now, but it's still a bulk account that gets handed out, usually around E3. Sometimes the credentials leak and we get glimpses of press releases for unannounced games, embargoed stuff, full res artwork and everything.
Their princess was in another castle. by Oxford_Comma_Lover · 2011-06-05 08:15 · Score: 5, Funny

> I can't think of anything Nintendo has ever done to justify this.
LulzSec was mad because their princess was in another castle.

--
-- IANAL, this isn't legal advice, and definitely isn't legal advice for you. Also, Squee!
1. Re:Their princess was in another castle. by Bloodwine77 · 2011-06-05 08:54 · Score: 2
  
  ... or because you can't backup licenses in Mario Kart Wii. After unlocking all the extra tracks, vehicles, and characters for my 5 year old daughter, she somehow manages to delete her license. It has happened twice now.
2. Re:Their princess was in another castle. by MagusSlurpy · 2011-06-05 11:09 · Score: 5, Interesting
  
  ... or because you can't backup licenses in Mario Kart Wii.
  FYI, you can copy your data to an SD card, and then just remove the card.
  
  --
  My sister opened a computer store in Hawaii. She sells C shells by the seashore.
3. Re:Their princess was in another castle. by twidarkling · 2011-06-05 14:18 · Score: 2
  
  Thank you! Christ. Even worse, if you don't make the back-up, it's possible to just go grab a completed file off the internet and throw that on. When I got RE4: Wii Edition, I didn't bother doing the stuff I'd already done a dozen times on my GCN, I just grabbed a save file and played the stuff I hadn't played before. I can't imagine anyone playing through something 3 times for someone else willingly with the only goal of unlocking it when you can just toss a file on instead.
  
  --
  Canada: The US's more awesome sibling.
Still... by Nrrqshrr · 2011-06-05 08:20 · Score: 4, Interesting

This is more humilating to Sony than to Nintendo.

Nintendo will get away with it unharmed, they have actually proven that people's data is "secure".
Sony on the other hand....
1. Re:Still... by Riceballsan · 2011-06-06 01:04 · Score: 2
  
  That isn't necessarily a bad thing. They built their service in a way that doesn't keep information that would endanger the public if it were compromised. Do they deal with transactions? Yes they do, did they consider it a good idea to keep the CC#'s? No because if they were hacked that would have been bad.
  The general rule should be, if you aren't sure you can keep the data safe, you shouldn't be hanging onto it. Nintendo and Sony both decided it wasn't worth the time and money to secure the information. Sony chose to keep it anyway tell everyone the information was safe and hope nobody tested that statement, Nintendo chose to not keep it at all. It's the same reason why people aren't furious that there is no other OS feature on the Wii, If it isn't worth the investment to allow the feature to be in it and secure without opening them or you up to risks that's just fine, realize it up front, let the people know "that isn't a can of worms I want to open" and there's no problem. Sell me something to do X, Y and Z, then taking away Z after I've already paid for it, is wrong.
Brick Nintendo? by jdb2 · 2011-06-05 08:27 · Score: 4, Interesting

I wonder if this has anything to do with the FSF's "Brick Nintendo" campaign. Perhaps the hacker in question was trying to further the FSF's efforts with regard to bringing attention to the super-draconian TOS of the 3DS, but in the wrong way of course. Since this is not "Anonymous" it makes me think that the answer to the former hypothesis is "no" and this is just another immature teenager up to stupid sh*t.

Oh, BTW, have you bought and sent your bricks yet?

jdb2
1. Re:Brick Nintendo? by westlake · 2011-06-05 10:21 · Score: 2
  
  I wonder if this has anything to do with the FSF's "Brick Nintendo" campaign...
  this is just another immature teenager up to stupid sh*t.
  This is the first I've heard of FSF's "Brick Nintendo" campaign. Which seems to be fully up to its usual sophomore beer blast spring break standards.
Actually about Sony? by Daetrin · 2011-06-05 08:51 · Score: 3, Insightful

I have to say, this is the first time the news of LulzSec hacking has actually made me mad. Everything else they've done could be argued to be altruistic, but this is just pointlessly lashing out at anyone they find. I can't think of anything Nintendo has ever done to justify this.
Actually, i wonder if this was intended as a PR move intended to help Nintendo with the primary intent actually being to further damage Sony. Sony's been in the news for weeks for getting hacked multiple times and losing tons of data about customers. Now Nintendo gets hacked, but it's pretty minor and no customer data was compromised. Doesn't that make Sony look even worse in comparison?

We've already got people in this very thread saying this means Nintendo's way of doing things is better Sony's. I'm not going to take sides on that issue, but if LulzSec's goal was to get people to criticize Sony in comparison to Nintendo then they seem to have succeeded.

--
This Space Intentionally Left Blank
1. Re:Actually about Sony? by flowwolf · 2011-06-05 10:27 · Score: 2
  
  Stop pretending that the members of lulz security, operation anon, anonymous, 4chan, whatever you call them; are part of some sort of moral higher ground. They hacked nintendo get steal valuable information. plain and simple. Any other motives they pretend to have are contrary to their actions. Vigilante groups like them will just lead to harsher regulation laws that hurt people like me, the consumer and benefit corporations like the one they're supposedly fighting.
Re:I guess they were running Linux just like Sony by pandrijeczko · 2011-06-05 09:22 · Score: 2

You reasoning is not logical.
If they were, as you say, running Linux like Sony then that would possibly serve to explain a scenario where Nintendo were hacked in an identical way to Sony.
However, in this case, Nintendo did not suffer the same fate as Sony - therefore I can only assume that either:
a) the hackers were unsuccessful in their attempt to hack Nintendo, in which case it might be concluded that this was because Nintendo use an entirely different OS set up to Sony to which the hackers have less expertise in discovering flaws, or,
b) the hackers made a conscious decision not to attack Nintendo despite being able to use the same attack vectors on Nintendo as they did on Sony.
In both of the above, both Sony and Nintendo running Linux (if such is the case) does not serve to explain why Sony was hacked and Nintendo wasn't.
One must therefore conclude that your statement was an attempt at humour which failed dismally. But thanks for trying anyway.

--
Gentoo Linux - another day, another USE flag.