2014/2/6のセキュリティ侵害について

Official Community Update 2/10/14

Dear Realm,

As you have read by now, our servers detected a security breach on or about 2/6/14.

Please read this post for critical information on what was compromised, changing your password and other important items: Click here.

We'd like to share some additional information with you specifically about the game:

1. We do not yet have an ETA to bring the game back up. As soon as this status changes, we will update everyone.
2. We will be presenting a Player Appreciation program, the details of which will be introduced as soon as the game is back up. This is simply a thank you to the players and the community for all of your support and patience over the last several days.

Thank you all again, we're looking forward to bringing Realm back to the players.

RotMG Team

IMPORTANT: Official Realm Update (2/6/14)
On or about February 6, 2014, our servers detected a security breach in connection with the customer support database for the forums accessed through the Kabam.com site at community.kabam.com. We have eliminated the vulnerability that led to the breach and the site and database are now secure. If you have ever submitted a support request through blog.wildshadow.com/support (support@wildshadow.com), your account username, your email address, and your IP address were necessarily included in this database and accessible to the individual(s) who breached the database. Additionally, while Kabam never requests any additional personal information in connection with support, if you provided such information in your support request (for example, your user password, name, address, contact information, credit card information, bank information etc.), such information was present in those requests in the database and was viewable in connection with the unauthorized access.

Because of the security breach, we are requiring that you immediately change your forum password. To the extent you believe you provided usernames and/or passwords for other sites and accounts in support requests, you should change your passwords for those accounts and sites as well.

To the extent you provided credit card information or additional personal information in support requests, you should remain vigilant for incidents of fraud and identity theft by regularly reviewing your statements for those accounts and monitoring free credit reports. If you discover any suspicious or unusual activity on your accounts or suspect fraud, be sure to report it immediately to your financial institutions. In addition, you may contact the Federal Trade Commission (“FTC”) or law enforcement to report incidents of identity theft or to learn about steps you can take to protect yourself from identity theft. To learn more, you can go to the FTC’s Web site (www.consumer.gov/idtheft), call the FTC at (877) IDTHEFT (438-4338), and/or write to the FTC at:

Federal Trade Commission
Consumer Response Center
600 Pennsylvania Avenue, NW
Washington, DC 20580

You may also periodically obtain credit reports from the nationwide credit reporting agencies. If you discover information on your credit report arising from a fraudulent transaction, you should request that the credit reporting agency delete that information from your credit report file. In addition, under federal law, you are entitled to one free copy of your credit report every 12 months from each of the three nationwide credit reporting agencies. You may obtain a free copy of your credit report by going to www.AnnualCreditReport.com or by calling (877) 322-8228. You may contact the nationwide credit reporting agencies at:

Equifax (www.equifax.com, (800) 525-6285
)
P.O. Box 740241

Atlanta, GA 30374-0241


Experian (
www.experian.com, 
(888) 397-3742
)
P.O. Box 9532

Allen, TX 75013

TransUnion Fraud Victim Assistance Division
 (www.transunion.com
, (800) 680-7289
)
P.O. Box 6790

Fullerton, CA 92834-6790

In addition, you may obtain information from the FTC and the credit reporting agencies about fraud alerts and security freezes. You can add a fraud alert to your credit report file to help protect your credit information. A fraud alert can make it more difficult for someone to get credit in your name because it tells creditors to follow certain procedures to protect you, but it also may delay your ability to obtain credit. You may place a fraud alert in your file by calling just one of the three nationwide credit reporting agencies listed above. As soon as that agency processes your fraud alert, it will notify the other two agencies, which then must also place fraud alerts in your file. In addition, you can contact the nationwide credit reporting agencies regarding if and how you may place a security freeze on your credit report to prohibit a credit reporting agency from releasing information from your credit report without your prior written authorization.

Additional information and actions may be available from your your state, as follows:

IF YOU ARE AN IOWA RESIDENT: You may contact local law enforcement or the Iowa Attorney General’s Office to report suspected incidents of identity theft. You can contact the Iowa Attorney General at:

Office of the Attorney General
1305 E. Walnut Street
Des Moines, IA 50319
(515) 281-5164
http://www.iowaattorneygeneral.gov/

IF YOU ARE A MARYLAND RESIDENT: You may obtain information about avoiding identity theft from the FTC or the Maryland Attorney General’s Office. These offices can be reached at:

Federal Trade Commission
Consumer Response Center
600 Pennsylvania Avenue, NW
Washington, DC 20580
(877) IDTHEFT (438-4338)
http://www.ftc.gov/idtheft/

Office of the Attorney General
Consumer Protection Division
200 St. Paul Place
Baltimore, MD 21202
(888) 743-0023
www.oag.state.md.us

IF YOU ARE A NORTH CAROLINA RESIDENT: You may obtain information about preventing identity theft from the FTC or the North Carolina Attorney General’s Office. These offices can be reached at:

Federal Trade Commission
Consumer Response Center
600 Pennsylvania Avenue, NW
Washington, DC 20580
(877) IDTHEFT (438-4338)
www.consumer.gov/idtheft

North Carolina Department of Justice
Attorney General Roy Cooper
9001 Mail Service Center
Raleigh, NC 27699-9001
(877) 566-7226
http://www.ncdoj.com

IF YOU ARE A MASSACHUSETTS RESIDENT: Under Massachusetts law, you have the right to obtain a police report in regard to this incident. If you are the victim of identity theft, you also have the right to file a police report and obtain a copy of it.

Massachusetts law also allows consumers to place a security freeze on their credit reports. A security freeze prohibits a credit reporting agency from releasing any information from a consumer’s credit report without written authorization. However, please be aware that placing a security freeze on your credit report may delay, interfere with, or prevent the timely approval of any requests you make for new loans, mortgages, employment, housing or other services.

If you have been a victim of identity theft and you provide the credit reporting agency with a valid police report, it cannot charge you to place, lift or remove a security freeze. In all other cases, a credit reporting agency may charge you up to $5.00 each to place, temporarily lift, or permanently remove a security freeze. To place a security freeze on your credit report, you must send a written request to each of the three major consumer reporting agencies listed above.

In order to request a security freeze, you will need to provide the following information:

1. Your full name (including middle initial as well as Jr., Sr., II, III, etc.);
2. Social Security number;
3. Date of birth;
4. If you have moved in the past five (5) years, the addresses where you have lived over the prior five years;
5. Proof of current address (e.g., a current utility bill or telephone bill);
6. A legible photocopy of a government issued identification card (e.g., state driver’s license or ID card or military identification);
7. If you are a victim of identity theft, a copy of either the police report, investigative report, or complaint to a law enforcement agency concerning identity theft;
8. If you are not a victim of identity theft, payment by check, money order, or credit card (Visa, MasterCard, American Express or Discover only). Do not send cash through the mail.

The credit reporting agencies have three (3) business days after receiving your request to place a security freeze on your credit report. The credit reporting agencies must also send written confirmation to you within five (5) business days and provide you with a unique personal identification number (PIN) or password, or both that can be used by you to authorize the removal or lifting of the security freeze.

To lift the security freeze in order to allow a specific entity or individual access to your credit report, you must call or send a written request to the credit reporting agencies by mail and include proper identification (name, address, and Social Security number) and the PIN number or password provided to you when you placed the security freeze, as well as the identities of those entities or individuals you would like to receive your credit report or the specific period of time you want the credit report available. The credit reporting agencies have three (3) business days after receiving your request to lift the security freeze for those identified entities or for the specified period of time.

To remove the security freeze, you must send a written request to each of the three credit reporting agencies by mail and include proper identification (name, address, and Social Security number) and the PIN number or password provided to you when you placed the security freeze. The credit reporting agencies have three (3) business days after receiving your request to remove the security freeze.