Ragnarok Online Hacked, User Data Leaked

Thanks to GameSpot for their article indicating a major hacking incident on the PC MMORPG Ragnarok Online. According to the piece, developers Gravity initially "..reacted by rolling back the game's data a day, as a number of users had created items with game-master privileges", but then the problem worsened and revealed an apparent server-side hack, as opposed to the client-side hacking of Shadowbane, as "...a full list of user IDs and passwords was leaked to the general public... allowing anybody to gain access to any user account." There's also a very informative post on the GameFAQs messageboards detailing the spread of the 'user.txt' file around messageboards and P2P networks. The official Ragnarok site currently only has a form for players to reconfirm their identities via email, and has offered no official statement.

wtf? why?!

[Lord Bitman]

Uhm.. excuse me, but why would the passwords be storedin plain text? Is there something I'm missing here, or are MD5 and crypt's weaknesses so completely crippling that it's better to just store passwords as they are typed in?

I hope subscription data wasnt as easily hacked

[FauxReal]

Id be triple checking my credit card statements for the next couple weeks just in case. I wonder how damaging this is for the company's business itself... how many customers will pack up and leave?

so you can email them back on request

[DrSkwid]

why would the passwords be storedin plain text?

because paging a sysop to give you a new password is too much trouble

Re:so you can email them back on request

[LordLucless]

Who needs to page a sysop?

Automated password generation ain't hard. I stick it on every website I do that uses a password-based login system.