Bundle Stars - Reset your passwords

Neil79

Neil79

Neil79

Caporegime
Joined
8 Sep 2006
Posts
38,906
Location
On Ocuk
We have noticed attempts to access Bundle Stars customer accounts by entering, what we believe to be, stolen email address and password combinations, so we have taken the precaution of resetting all user passwords across the website. Customers' financial information, such as PayPal, credit or debit card details is not stored on the Bundle Stars website, so has NOT been compromised and is not at risk.

We have reason to believe that a number of customer accounts may have been accessed without the permission of the account holder. We think it is likely that an individual or individuals obtained, from the public domain, a list of compromised accounts which have been stolen from other websites.

If your account has been affected, then your email address, password, order history and purchased Steam keys may have been accessed.

Next time you sign in, you will be required to change your password. You will then be able to access your account and order history as normal.

WHEN ENTERING YOUR NEW PASSWORD WE STRONGLY RECOMMEND THAT, TO PROTECT YOUR ACCOUNT, YOU USE A UNIQUE AND PREVIOUSLY UNUSED PASSWORD.

We would also encourage you to update your password across any other websites where you have used the same or similar passwords, and do this as soon as you possibly can.

If your previous email and password combination was unique to Bundle Stars, then your account will not have been affected.

We apologise for the inconvenience and concern that this may have caused you as a member of the Bundle Stars community. We have acted quickly to investigate and take security precautions to protect our customers by removing all passwords so that every customer must choose a new password. We also invalidated the session so that all customers were logged out, and implemented reCAPTCHA.

It is important to stress that our investigation indicates that this breach has not been caused by any compromise of our internal security systems but has been caused by an attack by an individual or individuals that have obtained user and password details from compromised accounts stolen from other websites. Robust security systems and processes are critical to our service and we continuously invest in our information security system to meet evolving threats.

If you have any concerns about your account, please click here to view our FAQ page, or alternatively please contact our support team: [email protected]

Thank you for your understanding on this matter, and we apologise unreservedly for any inconvenience.

The Bundle Stars Team
Click to expand...

First it was DayZ forums now it's this site :p
 
Hmm.. but if I reset my insecure password that I use on sites like this I'll just have to set it back to the insecure password that I use on sites like this. I'm not sure how that will help...
 
FrenchTart said:
Hmm.. but if I reset my insecure password that I use on sites like this I'll just have to set it back to the insecure password that I use on sites like this. I'm not sure how that will help...
Click to expand...

You mean on sites like OcUK?
And you have ban capability now! :eek:

I've taken to using a password manager at home, and just in case, a note book.
 
If I understand the email I just got correctly, Bundle Stars was not hacked in any way?
Some other site was hacked so my Bundle Stars account is only at risk if I used the same password and email address on both sites?

I was hoping for an official Tweet or a posting in their Steam Group for confirmation this is all genuine before I click on any link in an email.

Cheers,
Nothin
 
Well, they sent the email out before the confirmation on their official Twitter feed and Steam Group but they got there in the end so all looks genuine.
 
yeah I'm confused too - so are they saying another site was hacked and people used the email/password from that to try and enter this website?

if that was the case why would BS reset all their passwords ?
 
btw - just checked my gmail - including spam folders etc - and I have an account with BS - but have not received the warning email referred to in this thread

bit odd really
 
Lol, I don't think I read it closely enough the first time round.
After reading it again properly it seems pretty clear that as long as your password was unique to Bundle Stars there is no evidence your account was/could be compromised.
Quote: "We would also encourage you to update your password across any other websites where you have used the same or similar passwords, and do this as soon as you possibly can.
If your previous email and password combination was unique to Bundle Stars, then your account will not have been affected."
 
I can only hazard as guess that the illegal BS account accessing has coincided with a known site hack and/or there was a strong likelihood that people would have accounts on both sites, both game key sites maybe.
I could have course have got it completely wrong, wouldn't be the first time. :)
 
FrenchTart said:
Hmm.. but if I reset my insecure password that I use on sites like this I'll just have to set it back to the insecure password that I use on sites like this. I'm not sure how that will help...
Click to expand...

If you tell me your passwords I'll put together a password modification action plan that's guaranteed to change your life.

Trust me your details at any time!

Here to Help,
Antar.
 
Reset my password to an even stronger one just in case. I have a few keys in Bundle Stars that I haven't used yet and they seem like they are still safe so all is well.
 
You must log in or register to reply here.
Back
Top Bottom