Hot on the heels of Sony's hacker troubles, Square-Enix subsidiary Eidos reports that it has had as many as 25 000 email address stolen from its mailing lists and had to shut down two of its websites, including deusex.com, due to infiltration and defacement by hackers. According to their own press release:
Square Enix can confirm a group of hackers gained access to parts of our Eidosmontreal.com website as well as two of our product sites. We immediately took the sites offline to assess how this had happened and what had been accessed, then took further measures to increase the security of these and all of our websites, before allowing the sites to go live again.
Apparently, the splash page for Deus Ex's website was replaced with the words "Owned By Chippy1337" on Thursday morning; meanwhile the alleged hackers' online chatter reportedly recorded by Krebs on Security indicates that as many as 9000 resumes, files containing information on 80 000 users, and potentially even source code for Eidos games have also been comprimised; further, according to the chatter the alleged hackers intend to release the data they stole on file-sharing networks. Eidos' official line from their press release appears to contradict this information; they report that 350 resumes and 25 000 emails were stolen, and that no credit card information was compromised, nor were the emails stolen attached to any other personal information.
The impact this will have on Eidos' customers and the authors of the stolen resumes is not yet clear. Should Krebs be correct and the hackers intend to release the data they stole on the internet, it is not clear why "hacktivists" would release email addresses and resumes - and, unsurprisingly, groups like Anonymous are being mentioned as potential culprits. Source code, meanwhile, would be a much more likely target for dissemination by such individuals. However, as others have already mentioned elsewhere online, the email address and (even worse, considering the amount of personal information they contain) resumes could be targeted for email scams and identity theft. Meanwhile, there are some suggesting that the names the hackers left behind may have been faked or purposely misused - perhaps to mislead authorities or even to lay blame on rival hackers.
We will have more for you on this story as it develops.