Slashdot Mirror
Epic Games Forums Hacked, Again (betanews.com)
An anonymous reader writes: Epic Games, maker of popular games such as Unreal and Infinity Blade, announced today that its forums have been hacked. Now, if you don't reuse password that isn't a huge deal. But if you have used the same password on any service, perhaps even a variation of that password, you will want to ensure that you have changed password of all your accounts. In the meanwhile, here's Epic Games: "We believe a recent Unreal Engine and Unreal Tournament forum compromise revealed email addresses and other data entered into the forums, but no passwords in any form, neither salted, hashed, nor plaintext. While the data contained in the vBulletin account databases for these forums were leaked, the passwords for user accounts are stored elsewhere. These forums remain online and no passwords need to be reset", says Epic Games.ZDNet is reporting that thousands of passwords have been stolen.
I'll get this in now before it gets buried in comments: Use a password manager. The internet is too risky to be re-using passwords. Although there are various free ones out there, I went and bought 1password. It runs on Windows, OSX, iOS and Android. It has a read-only version that works in Linux. (I wish they'd make a Linux version, but as of yet, they haven't) It also has plugins for every major browser out there. It can also sync your passwords between multiple devices.
You can use it to keep track of all your passwords, and will even generate random passwords for you.
Nowdays, the risk of password re-use is just too high, and you're basically playing russian roulette with someone from a far off country just itching to steal your identity info, or cause havoc in some other way.
There were two different compromises. One of them involted salted+hashed passwords, the other involved no passwords. Crappy ZD clickbait headline+poor /. editing.