facebook rss twitter

Nintendo website hacked

by Hugo Jobling on 7 June 2011, 11:07

Tags: Nintendo (TYO:7974)

Quick Link: HEXUS.net/qa6ap

Add to My Vault: x

Hull breach

Showing that no company is safe from the latest wave of hacking attacks, Nintendo has found itself subject to a security breach, with one of its web servers being compromised.

The group apparently responsible for this attack, which calls itself LulzSec and has claimed responsibility on a number of other sites (including several Sony websites), posted a web server configuration file on its website saying that it had secured access to the server. Nintendo confirmed the attack, but highlighted that no customer or corporate data had been accessed in the breach.

nintendo website

LulzSec stated on Twitter that: "We're not targeting Nintendo...we sincerely hope Nintendo plugs the gap." The group also confirmed Nintendo's claims that no important data was lost in the breach stating "we just got a config file and made it clear that we didn't mean any harm. Nintendo had [sic] already fixed it anyway." We'll leave it open for debate whether the definition of 'harm' should exclude unauthorised access to web servers.

Of course, even if Nintendo isn't a target to this group of hackers, there's nothing to stop other parties from trying their hands at breaching Nintendo's defences. With the cost to Sony of the PSN attacks estimated at over £100 million, protecting customer data is a big issue and one that companies with as large a presence as Sony and Nintendo clearly need to be concerned about - as do customers trusting these third parties with their data.

 

HEXUS Forums :: 2 Comments

Login with Forum Account

Don't have an account? Register today!
Posted by watercooled - Tue 07 Jun 2011 15:09
I think they're doing Nintendo a favour then, pointing out what what their devs missed and hopefully this is another nudge to ensure companies have proper measures in place and remember to install critical updates.
Posted by crossy - Tue 07 Jun 2011 16:04
LulzSec stated on Twitter that: “We're not targeting Nintendo…we sincerely hope Nintendo plugs the gap.” The group also confirmed Nintendo's claims that no important data was lost in the breach stating "we just got a config file and made it clear that we didn't mean any harm. Nintendo had already fixed it anyway." We'll leave it open for debate whether the definition of ‘harm’ should exclude unauthorised access to web servers.
Well, I'm firmly of the opinion that unless there was ‘damage’ (including dissemination of confidential data to 3rd parties) then there's been no harm, and especially if there's been a fault report put into the website's owners. In this event LulzSec appear to have done a free pen test on Nintendo's website! I'm well aware that there's others (mainly politicians) who regard penetration of a website - whatever the reason and result - as a criminal activity to be punished severely.
Of course, even if Nintendo isn't a target to this group of hackers, there's nothing to stop other parties from trying their hands at breaching Nintendo's defences.
Hopefully LulzSec have pointed Nintendo towards what's wrong with their site, in which case that's one less hole for the less responsible to find. ;)