Developer Digital Extreme has revealed that its online shooter Warframe was the victim of a hack back in November 2014.
The studio claims to have only just discovered the breach, which saw 775k user email leaked from an older version of the title’s content management system. Passwords, credit card details and addresses were apparently not compromised.
At the time, we believed this to be a phishing scam as our account server was secure,” a forum post explained. After a thorough review of the data we received, we can confirm that a list of 775,749 email addresses were acquired through a Drupal SQL exploit that was patched by Drupal two weeks after the breach occurred.
The stolen data DID NOT include any account passwords, variations of passwords, hashed passwords, game account data or personal player information such as full names, addresses or other billing and payment information.
We take account and game security very seriously and are constantly working to improve and plug any exploits we find. As part of our continued efforts to improve the security of Warframe, over the last year and a half we have added two-factor authentication (2FA) and also replaced Drupal with a custom website system that no longer stores any account information to avoid exposing ourselves to these sorts of attacks.”