The video game industry’s data protection woes continued this weekend, as online gaming developer Nexon Korea Corp joined a growing list of companies suffering cyberattacks by hackers.
According to a Reuters report, the Korea Communications Commission (KCC), South Korea’s communications regulator, revealed on Friday that hackers were responsible for stealing and leaking personal data of some 13.2 million Nexon subscribers in South Korea.
The information leaked included user IDs, real names, registration numbers and passwords. Bank account numbers and information regarding financial transactions was reportedly not breached, and Nexon has requested a police investigation into the matter.
A Nexon spokesperson was quick to stress that no accounts outside of South Korea were affected.
“We operate separate servers in each country,” he said, according to the Korea Herald. “Only Korean users’ information was affected.”
Nexon, which makes popular online games including MapleStory and Kart Rider, is just one of several gaming companies hit by hackers this year. In April, Sony made headlines when it suffered a data breach to its Playstation Network (PSN) and other online properties that potentially exposed the information of 100 million users and forced the company to shut down the service for nearly a month. Sony is estimated to have spent around $171 million dealing with the issue, which has gone down as one of the biggest data breaches in history.
Following Sony’s episode, several other video game titans, including Sega and Nintendo, revealed they too had suffered data breaches, though both were decidedly minor compared to Sony’s.
More recently, Washington-based Valve Software revealed that hackers had defaced a community forum for its online gaming network Steam and stolen information on about 35 million users. Valve, which distributes more than 1,800 games, including such popular titles as Call of Duty: Modern Warfare 3 and The Elder Scrolls V: Skyrim, through its Steam service, responded by promptly informing those affected by the breach and closing the forum for a brief period of time.
Similarly, Nexon wasted no time coming forward about its own breach. According to Reuters, the company discovered the breach on Thursday, November 24, and the KCC made its announcement the following afternoon.
This represents a significant difference from the Sony breach, in which people criticized the company for waiting weeks before revealing the incident. Though Sony made several sweeping moves to bolster its data security practices, the delay in notifying those affected served as a black eye for the company.
However, the breach does come at an extremely unfortunate time for Nexon, which is planning the initial public offering of its Japanese affiliate on the Tokyo Stock Exchange in the coming weeks. According to report, Nexon had planned to raise roughly $1.3 billion in its IPO in December, but it is unclear how – or if – this incident will affect its goals.
Nevertheless, Nexon has taken other steps to help protect its customers, such as requesting that subscribers – regardless of their locations – change their passwords, which could prevent any further damage, Reuters noted. At this point, it is unclear the extent of the damage caused by the breach.
What is apparent, however, is that although data security problems continue to plague the gaming industry, companies seem to be learning from past mistakes and are now making moves early to right their wrongs. While it would be ideal for companies to simply protect themselves better against such incidents, it is encouraging to see that many are responding to threats quickly in order to mitigate damage.
Security News from SimplySecurity.com by Trend Micro