More information has been discovered about the Square Enix hacking incident. According to a report on France24, the hacker breached an unknown number of servers containing the names and e-mail addresses of 800,000 members in North America and 1 million in Japan, affecting a total of 1.8 million potential users.
The 300,000 European users of Square Enix were unaffected by the attack.
The extent of the damage is unknown at this time. The affected servers stored the customers’ names and e-mail addresses, but many members also registered their postal addresses and phone numbers, a spokeswoman for Square Enix said.
“We [have] yet to learn whether illegal access was gained to our clients’ information,” the spokeswoman said yesterday. “But we have asked our customers to be aware of the incident in case they receive suspicious messages using our name.” Square Enix has maintained that “there is not possibility of any credit card information leak.”
Square Enix has kept the service offline while a “broader internal investigation” is conducted, and the incident has been reported to the Japanese government.
Analysis: This is ugly, but it could be worse. At least this isn’t like Sony’s data breach, which affected over 100 million users. They’re even luckier that there’s no credit card information on these servers and that they caught the problem so quickly. Even better is that there was a less than a 24-hour turnover of information; the breach happened on Tuesday, and members were informed on Wednesday. This gives Square Enix enough time to figure out exactly what happened so they can inform the users. It also helps to protect the users because they can then be on the lookout for scams and/or change passwords if need be. It sounds to me like they’re handling this appropriately, given the circumstances. I commend them for that.
It’s unfortunate that this is the second time Square Enix has been hacked this year: in May, 25,000 customer e-mails and 250 résumés were leaked after an attack on the European side of the company. Add to that the other breaches that happened this year—Sony, Microsoft, Google, Epsilon, SK Comms, Citibank, RSA. and Lockheed Martin—and that’s a lot of breaches. I agree with what Brandon said on Wednesday: the amount of hacking that has happened this year is a bit ridiculous. Hopefully, Square Enix can get everything back to normal and they figure out who did this. Let’s also hope that companies are learning from these experiences so that this is a less common occurrence in the future.