U.K.-based video game publisher Codemasters e-mailed its customers today to tell them that the company suffered a major online security breach one week ago.
The breach has exposed gamers' personal information, though Codemasters, the publisher of the recent Dirt 3 and Operation Flashpoint: Red River says payment information was not obtained.
"Unfortunately, Codemasters is the latest victim in on-going targeted attacks against numerous game companies," the company said in an e-mail to customers today. "We assure you that we are doing everything within our legal means to track down the perpetrators and take action to the full extent of the law."
In their e-mail to its customers, the company detailed the types of information that was accessed. "We believe the following have been compromised: Customer names and addresses, email addresses, telephone numbers, encrypted passwords and order history. Please note that no personal payment information was stored with Codemasters as we use external payment providers, meaning your payment details were not at risk from this intrusion."
The publisher says that, "on Friday 3rd June, unauthorised entry was gained to our Codemasters.com website. As soon as the intrusion was detected, we immediately took codemasters.com and associated web services offline in order to prevent any further intrusion."
The hacker gained access to the Codemasters.com website, the web page used to redeem VIP codes for the recently-released racing game Dirt 3, the Codemasters Estore and the database for the publisher's online fan club CodeM.
The CodeM part of the breach has exposed the following: "Members' names, usernames, screen names, email addresses, date of birth, encrypted passwords, newsletter preferences, any biographies entered by users, details of last site activity, IP addresses and Xbox Live Gamertags are all believed to have been compromised. Whilst we do not have confirmation that any of this data was actually downloaded onto an external device, we have to assume that, as access was gained, all of these details were compromised and/or stolen."
Apologizing for the incident, the company recommended that users change their passwords and says anyone with concerns should send an e-mail to firstname.lastname@example.org.
Codemasters has taken its website offline, redirecting it to its Facebook page. It says a "new website will launch later this year."
Those wondering if they were affected in the breach should look for an e-mail from Codemasters. The publisher is saying that they're "contacting all customers who may have been affected directly."
[Thanks to everyone who sent this in.]