[ISN] NCsoft site deluged with stolen identities

InfoSec News isn at c4i.org
Tue Feb 14 01:39:00 EST 2006


By Seo Ji-eun, Lee Weon-ho
February 14, 2006

Hackers have used the private information of hundreds of people to 
register on the Web site of "Lineage," one of Korea's most popular 
online games. Complaints to the game developer, NCsoft Corp., have 
been rapidly piling up.

The company said yesterday that it had received up to 600 reports so 
far of people being registered without their knowledge as members of 
the role-playing games "Lineage" and "Lineage 2." The two games have a 
combined subscriber base of 2 million members.

The Ministry of Information and Communication also said that a large 
number of people have posted notes on Internet communities and portal 
sites, saying that their names and resident registration numbers were 
used to sign up with the game site without their permission. 

"This is the first time that such a huge number of illegal name usage 
cases have been discovered," said an NCsoft spokesman. "The majority 
of the registrations took place between last November and January this 
year." He added that it seems highly likely that the major portal 
sites or online communities were hacked, but the company is now 
conducting an investigation.

In Korea, gamers can only register one account per person. Observers 
speculate that hackers used stolen identities to play multiple games, 
thus earning more virtual items that can be sold for cash.

Regarding this case, online industry experts estimate that the total 
number of netizens whose information was pilfered and used without 
their consent on the game site could reach the hundreds of thousands, 
considering the number of official reports already. 

In order to check if one's private information has been used, one can
and type in one's name and resident registration number. The firm's
customer center is accepting reports via telephone at 1566-6600.

The police will take action as soon as the investigation reveals the 
cause and method of the information leakage.

More information about the ISN mailing list