"Urgent Security Announcement
September 8th, 2006 by Robin LindenTags : announcement, security, password
On September 6 we discovered evidence that an intruder was able to access the Second Life database through the web servers. The exploit was shut down on the afternoon of September 6 when we discovered it.
Detailed investigation over the last two days confirmed that some of the unencrypted customer information stored in the database was compromised, potentially including Second Life account names, real life names and contact information, along with encrypted account passwords and encrypted payment information.
No unencrypted credit card information is stored on the database in question. Unencrypted credit card information has not been compromised.
As a precaution we have invalidated all Second Life account passwords. In order to log-in to Second Life you will have to create a new password. Please access the log-in page at https://secondlife.com/password, and click on the “Forgot Password” link. An email will be sent to the email address you have registered with us. (Don’t forget to check your spam filter!) Please click through the link in that email, answer the security question, and create a new password.
Passwords cannot be changed over the phone at this time. Phone support for password issues will be available starting Monday, September 11."
1) If this actually happened then thumbs up to the Linden team for fixing it and publicly disclosing this issue. To me nothing beats honesty - and even though maybe they could have sorted it sooner, the fact they've put their hands up and said, "look we've got a problem here and we need you to help us" gains them lots of Kudo's
2) What though if this DIDN'T happen?
"Why?" I hear you cry - well think of the amount of Alt's in-world...and since you're required to remember your answer for your security question...if you cant remember that...then bye bye alt ;)
posted by DJ_Jenns at 4:56 AM
0 Comments:
Post a Comment
<< Home