Game company Bethesda is latest hacker target
Tuesday, June 14, 2011
NEW YORK (AP) — A group of hackers has gained access to the websites of the U.S. Senate and video game company Bethesda Softworks, the latest in a series of cyberattacks plaguing a broad range of online victims.
The group, which calls itself Lulz Security, posted what it called a "small, just-for-kicks release of some internal data" from Senate.gov on its website on Monday. Likely referencing reports that the Pentagon is considering whether a cyberattack could be considered an act of war, the group also wrote "is this an act of war, gentlemen? Problem?"
A representative from the office of the Senate sergeant-at-arms did not immediately return a phone message for comment Monday afternoon.
Bethesda acknowledged the intrusion in a blog post Monday, saying hackers may have gained access to users' names, email addresses and passwords. The company said no credit card data or other financial information were compromised.
Josh Shaul, chief technology officer at database security software maker Application Security Inc., said the data Lulz posted is "verifiable proof" that it was able to gain access to and take control of the Senate's website.
"It's a very skilled group," he said. "They claimed it was easy."
Lulz Security has also recently claimed responsibility for breaking into the websites of PBS, Sony Pictures, Nintendo and others. Meanwhile, it's unclear who was responsible for a recent cyberattack on the International Monetary Fund's computer system or the one on Citibank that stole about 200,000 credit card account numbers, customer names and email addresses.
Shaul said the recent string of attacks take advantage of insecure systems. While companies are protecting the perimeter of their computer systems, once hackers get in, "everything is there to own," he said. It's the equivalent of a bank putting a guard at the door and leaving all the money in a pile instead of in safes and vaults, he added.
"We've created this situation where it's so easy for a skilled attacker to break in and get data," Shaul said. "They are doing it because they can."
Bethesda declined to comment beyond its blog post and did not say how many users were affected.
In Twitter messages, Lulz (Internet-speak for laughs) said it has had information on more than 200,000 users "for weeks" and broke into Bethesda's website more than two months ago. Bethesda, meanwhile, said that a hacker group "attempted an unlawful intrusion" over the weekend.
Lulz said on its website Monday it is not releasing information it has on the 200,000-plus users.
Bethesda, behind games such as "Brink" and "Fallout: New Vegas," is a subsidiary of ZeniMax Media Inc., based in Washington, D.C.