Not to be out done by the likes of Sony, now Square Enix has apologised for allowing hackers to make off with the personal details of thousands of its users.
According to Square Enix’s reports, the email addresses of 25,000 customers were stolen from Eidos’ Canadian site, as well as a further 350 resumes from prospective Canadian workers:
“Square Enix can confirm a group of hackers gained access to parts of our Eidosmontreal.com website as well as two of our product sites.
We immediately took the sites offline to assess how this had happened and what had been accessed, then took further measures to increase the security of these and all of our websites, before allowing the sites to go live again.
Eidosmontreal.com does not hold any credit card information or code data, however there are resumes which are submitted to the website by people interested in jobs at the studio.
Regrettably up to 350 of these resumes may have been accessed, and we are in the process of writing to each of the individuals who may have been affected to offer our sincere apologies for this situation.
In addition, we have also discovered that up to 25,000 email addresses were obtained as a result of this breach. These email addresses are not linked to any additional personal information. They were site registration email addresses provided to us for users to receive product information updates.
No dissemination or misappropriation of any other personal information has been identified at this point.
We take the security of our websites extremely seriously and employ strict measures, which we test regularly, to guard against this sort of incident.”
As with the Sony hacks, just who is really behind the attack is not known – the “Owned by Chippy1337” message the site was defaced with is suspected to be a red herring.
Fortunately for Square Enix and its victims, the severity and scale of this leak would appear to be rather minor compared to Sony’s record-breaking hack – although, like Sony, Square Enix is not a company much known for honest dealings with mere customers, so whether the hackers obtained anything else in the course of their antics can only be guessed at.
Whatever the effect on the PR efforts of the companies concerned, it seems likely that many consumers will be very much more sceptical about handing out their personal details to every company which insists on it in future.