Konami accounts suffer brute-force hack, video game players told to change their passwords

pes-2013-170Japanese video game producer Konami – famous for titles such as Pro Evolution Soccer and Metal Gear Solid – has advised customers to change their passwords immediately, after hackers made almost four million attempts to break into users’ accounts in a period of less than one month.

Konami says the attack against its ID Portal site happened between Thursday, June 13th and Sunday, July 7th 2013, and resulted in 35,252 unauthorised logins.

There is no suggestion that payment information has been compromised, but Konami says that customers’ personal information, such as name, address, email address, date of birth and telephone number – may have been exposed by the unauthorised logins.

Konami says it detected the suspicious behaviour on July 8th. One has to wonder if they decided to take a look at what was happening on their customer portal after the widely-reported month-long hack against fellow Japanese video game makers Nintendo.

Sign up to our free newsletter.
Security news, advice, and tips.

The timing of the two brute-force attacks against users’ login accounts can hardly be a coincidence.

Konami customer notice

Even though Konami says that it has taken steps to ensure that the IDs and passwords used in the unauthorised logins can no longer be used to access the site, users still need to ensure they are following best practices for password security.

In short, it’s very important that internet users don’t use the same passwords on multiple websites. If you *do* use the same password in multiple places you only need to have one of your accounts hacked in one place, or for a website to be careless with its security, for everything to start unravelling.

Konami has provided links in its English-language advisory [PDF] offering users advice about how to reset passwords, and details of the Konami one-time-password service.

Graham Cluley is an award-winning keynote speaker who has given presentations around the world about cybersecurity, hackers, and online privacy. A veteran of the computer security industry since the early 1990s, he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows, makes regular media appearances, and is the co-host of the popular "Smashing Security" podcast. Follow him on Twitter, Mastodon, Threads, Bluesky, or drop him an email.

What do you think? Leave a comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.