« Destination India? | Main | Saddam 'had no link to al-Qaeda' »
Data stolen
Linden Lab reported today that it is notifying its community of a database breach, which potentially exposed customer data including the unencrypted names and addresses, and the encrypted passwords and encrypted payment information of all Second Life users. Unencrypted credit card information, which is stored on a separate database, was not compromised.
We might expect some spam from over there...
Technorati Tags: second life
Posted on September 9, 2006
in Limit of my knowledge
Digg this | 
Add to Delicious | Technorati reactions | Permalink | 
Comments (1)
Comments
Incorrect. Here's the info from the mail they sent me:
-------
Q: Was my account information compromised?
A: We discovered that a database was accessed by the intruder, and we are able to determine the aggregate size of the data that was downloaded through the intrusion. The database accessed includes customer account information, including Second Life account names, real-life name and contact information in unencrypted form. Account passwords and payment information (consisting of credit card numbers and Paypal transaction IDs) are stored in this same database in encrypted form. However, there is no way to identify which data were accessed at the level of individual users, only the aggregate size of the downloads returned from the intruding database queries. We are conducting further investigation to try to determine the class of data exposed.
-------
So yeah, credit card data was in the same database and *was* also compromised.
Posted by CraHan | September 10, 2006 2:30 AM