SAN FRANCISCO (Dow Jones)-Videogame maker Square Enix Holdings Co.
(9684.TO) said on Friday three websites it runs were hacked, allowing
intruders to pilfer email addresses and resumes, an attack that will
likely raise concerns about the security of digital data.
Square Enix, which took the websites down after the intrusion was
detected, said hackers took 25,000 email addresses during the hack,
which included a website run by a subsidiary. None of the email
addresses were linked to additional personal data and the website does
not contain any credit card information, the company said.
"We immediately took the sites offline to assess how this had happened
and what had been accessed," Square Enix said in a prepared statement.
The company then "took further measures to increase the security of
these and all of our websites" before restoring them, the statement
said.
Square Enix, which owns the popular "Final Fantasy" franchise of
adventure games, said as many as 350 resumes submitted by job seekers
may have been accessed in the attack. The company is contacting the
individuals who may have been affected.
The hack comes less than a month after Sony Corp (6758.TO, SNE) had to
close several of its popular online gaming services because of an
attack that compromised roughly 100 million user accounts. Much more
data, including physical addresses and telephone numbers, was taken in
that incident.
On Friday, Square Enix, which also makes the "Tomb Raider" series,
said sales fell nearly 35% and it swung to a loss of a little more than
12 billion yen ($148.6 million) in the fiscal year ended March 31.
Yoichi Wada, the company's president, blamed the performance on weak
sales of games designed for consoles.
-By Ian Sherr, Dow Jones Newswires; 415-439-6455;
ian.sherr@dowjones.com"Square Enix can confirm a group of hackers gained access to
parts of our Eidosmontreal.com website as well as two of our product
sites. We immediately took the sites offline to assess how this had
happened and what had been accessed, then took further measures to
increase the security of these and all of our websites, before allowing
the sites to go live again.
Eidosmontreal.com does not hold any credit card information or code
data, however there are resumes which are submitted to the website by
people interested in jobs at the studio. Regrettably up to 350 of these
resumes may have been accessed, and we are in the process of writing to
each of the individuals who may have been affected to offer our sincere
apologies for this situation. In addition, we have also discovered that up to 25,000 email
addresses were obtained as a result of this breach. These email
addresses are not linked to any additional personal information. They were site registration email addresses provided to us for users to receive product information updates."