Retailer GAME says reported data breach is bogus

Video game retailer GAME has said that a batch of customer details supposedly leaked onine is not genuine, after a list of logins was posted on the Internet over the weekend.

Email addresses and passwords were posted in plaintext, but a GAME spokesperson said that the email addresses were not registered at GAME.co.uk, adding that there had been no breach of the company’s database security. "We have thoroughly investigated the hacking claims made today by the website Pastebin, and can confirm that they are entirely false," the spokesperson said.

Nearly 200 logins were posted by on the Pastebin website, which allows anonymous users to post text without being traced. The author claims to have used a shell injection on the GAME.co.uk website – using a vulnerability in the front-end to input a malicious command to the back-end.

In other fake data breach news, last week Chinese authorities claimed that a series of data breaches reported in December had been "fabricated". It said that the data breaches had been faked for reasons including: ‘showing off’, ‘defrauding others of money’, ‘promoting their web security products’ or disturbing and ‘disparaging the real-name registration move’ – a government initiative to forcing users micro-blogging websites to register their real names.

Avatar photo

Ben Rossi

Ben was Vitesse Media's editorial director, leading content creation and editorial strategy across all Vitesse products, including its market-leading B2B and consumer magazines, websites, research and...

Related Topics

Retail