Following a recent attack on the Runes of Magic database, Frogster has issued an official response that states it has introduced comprehensive protection measures and filed criminal charges against the hacker.

According to Kotaku, user augustus87 claims to have access to the account names and passwords of 3.5 million Runes of Magic players. He is threatening to release the information gradually until his demands are met, which include changes to forum policy and better online security. He has already publicly posted the login details of around 2,000 players, but Frogster quickly deleted the post and stated that the data was outdated information from 2007.

Regardless, Frogster temporarily blocked the compromised accounts and is asking all players to change their passwords. More details can be found in the official response after the jump.

Official Response to Hacker Attack on Frogster

Comprehensive protection measures introduced and criminal charge filed

Berlin, 18.01.2011: An anonymous hacker published two posts on the player forum of Runes of Magic, one early on the 13th of January, and the other during the course of the 14 of January 2011, in which he threatens to publish customer data and internal company information. To reinforce his claims for changes to forum policy and some of the technical aspects of the game’s operation, he publicly posted the login details of around 2,000 players. To protect the affected players, the posts in question were immediately removed and secured as evidence by Frogster. This attack constitutes a serious criminal offence and Frogster immediately informed the German State Office of Criminal Investigation.

The data released consisted of logins registered in 2007. Frogster immediately blocked the compromised accounts on a temporary basis (account management, forum, and game access) and has personally informed the affected players about how they can reinstate their accounts and the reason for the suspension. As a precaution, Frogster calls for all players to change their game-, forum-, and payment system passwords.

Once the hack had been discovered, Frogster immediately assembled a task force and is currently using everything at its disposal to investigate this situation. Right after the publication of the attack, Frogster systematically inspected all of its systems for weak spots and backdoors and implemented new firewalls, new user privileges and passwords, as well as introducing further security measures.

Frogster takes protecting its players from these types of risks and threats very seriously and uses all means to contain and prevent them. At the same time, the publisher is pushing on with its continual process of expanding and optimising its technical infrastructure.

Regarding the claims of the attacker, Frogster emphasises that its team is always open to constructive criticism and suggestions for improvement. However, the company considers blackmail attempts, which put the privacy and security of players in danger to be wholly unacceptable and will not concede to them. Frogster’s approach to forum policy is very much in line with the industry and follows the forum rules which are publicly available to all users: https://forum.runesofmagic.com/announcement.php?f=64&a=82. Frogster  does only intervene in cases of severe breaches of these regulations. Certain technical aspects of the game operations are subject to legal requirements, and there are other aspects over which the Berlin-based games publisher has no direct control.

Players unaffected by the attack can continue to log into and play Frogster’s online games as normal. On Friday, Frogster provided its player community with the following statement: https://forum.runesofmagic.com/showpost.php?p=2838322&postcount=1.

Frogster’s community management and customer support teams are available to answer any questions their players may have. A forum thread has also been set up to act as the central point of information for general security queries which can be found here: https://forum.runesofmagic.com/showthread.php?p=2850025#poststop.

In the interests of data privacy, Frogster asks representatives of the media strictly not to publish any of the player data released by the hacker, or publish any pictures which make this content visible, nor to embed the hacker’s videos into articles, nor provide links to these videos.