On Sunday afternoon we became aware of a Heroes of Newerth password security breach. We immediately took steps to limit the risk to our players by directly advising the community to change the passwords for any linked accounts.
We’ve been working around the clock with our internal expert security staff to analyze what happened, and it is our mission to be completely transparent. We know that only passwords were stolen. No credit card or billing information was compromised, as we do not store this information. The security breach occurred when a third-party software that interacts with our account database was hacked. Contrary to some outside reports, the game client was not hacked.
We took immediate action to eliminate any future password storage issues by removing the third-parties ability to access sensitive information.
Additionally, while the game was down we upgraded all security systems. The game is back up and all HoN accounts will be prompted to create a new password. All passwords will be expired upon next login. However, we do want to reiterate that those who used the same password for HoN to access anything else to change their passwords.
We take security very seriously. Players must know their sensitive information is secure and S2 will ensure this is the case, no matter the effort or cost.
If you have any questions do not hesitate to ask our Community Manager @s2xanderK.
Marc "Maliken" DeForest
It's good to hear from Maliken himself about this.
Thankyou for acting with haste, and keeping us informed.
Good Job s2!
Thanks You for the update CEO Maliken.
And Merry-ck Christmas!!
Solution against HoN' crashs(Win32 bits only):
Go to start >
Write this, EXACTLY as it's written here, without "": "bcdedit /set increaseUserVa 3072" >
Reboot your computer.
Thanks for the update and explanation. Instead of just saying its fixed and change your passwords.
Are you kidding me? According to reddit and other sources, you used (salted) MD5 for password storage. Any "expert security staff" would know how silly that is. Are those sources just wrong? How does S2 store user credentials?our internal expert security staff
Did you guys have interns design the system? Not sure how else a developer would be incompetent enough to provide third party services access to the database.
The only thing is asking for gold coins ? Really Guys? Its not the fault if S2 ;/ Shame on You Guys Rly. Ty for the Clear Statement Maliken.
Nice to hear Maliken !!!!
A new Alt avatar for The dark lady is coming!
Alter EgoEach vote counts! -> http://forums.heroesofnewerth.com/sh...84Alter-Ego%94