Blox security issue

Since my previous posts have been taken out of context, I'll once again clarify this.

It appears that the game 'Blox' was implementing a password recovery feature which stored passwords in an insecure manner. I currently believe this was an honest mistake, and not malicious.

Since the passwords were stored insecurely, I did reset all passwords and notify you about this. However, according to my logs almost none of the INIs containing the stored passwords were actually accessed by the developer.

These facts combined, I believe that in this case it's extremely unlikely that your passwords are being used maliciously.

Since your password has existed in essentially plaintext form you should still change your password to something new as a precaution.

For the other games ('Pixelio', 'Pixel Castle', 'Cubic Planet') mentioned previously, my assumtions are still that your password has been collected & sold. Blox is a separate case, which I should have indicated more clearly.

Reacties (0)

Laatste bericht op 17 Oct 2018