Cyber Attack Update:

The last few weeks have been upsetting for all of us. To say we are disappointed and frustrated that this happened is an understatement. We have worked tirelessly to respond to a malicious cyberattack on our systems. Now that we believe the breach has been contained and we’ve completed a lot of the cleanup left behind, I wanted to take a moment to provide an update on where things stand and the measures we are taking to better protect our community from future incidents like this. We’re fully committed to improving our security efforts and making this game a place where you can enjoy an escape from the troubles of the real world.

Keeping your data safe is a responsibility we take incredibly seriously, and preventing this type of event from happening has always been important to us. Unfortunately, this time we were not successful.

What Happened?

We know you’re all curious to know exactly what happened, but we’re limited in what we can share due to the ongoing investigation. We don’t want to inadvertently compromise a criminal or civil case.

What we can do is share a general picture of what took place. We’ve been enduring attacks for well over 2 years. When thwarted, certain people find new avenues to attack our systems or exploit the game. Many of these attacks were exploits with items in the game, brute force attacks to compromise account passwords, phishing scams via unauthorized software, attempts to steal website session info, incessant spamming, and DDOS attacks.

We now know that the attacker briefly gained access to internal support tools and privileges. They were able to cause mayhem in the game and look up some of the personal and support information of several players. This included some billing information, but not full credit card data. The attackers did not gain access to the database. When the team became aware of the breach we quickly took Puzzle Pirates down and added safeguards to prevent further attacks. We rolled the servers back to well before the attack to ensure data integrity and now believe we have contained this attack.

This person wasn’t able to collect all of our data, or even a significant portion. Data needed to be accessed individually, meaning the person had to actively look up another player in order to collect their information. This indicates that this was a targeted attack on those individuals, including members of our staff. The result of this is that they managed to collect data on a few select individuals which may have included things like, name, address, support history, IP, and a partial credit card number. We do not retain full details of your method of payment in our system, so players don’t need to worry that it could be used elsewhere. While this attack was small in terms of the number of accounts accessed, it’s in no way small in terms of how it impacts those players or our community.

We have comprehensive logs obtained during the time of the attack. Over the next few weeks, we will be contacting the owners of accounts whose personal information may have been accessed. This will be done via the email address listed on the account in question. Once we’ve completed contacting players who were affected, we'll post here to confirm the process is complete.

We encourage everyone to take an active role in securing your account. While we do not believe your pirates are at risk, it's a good habit to establish while online. This includes removing any software you have installed onto your computer that’s used to manipulate the game client (like bots). Not only are they against the Terms of Service, but many include phishing and/or malware designed to compromise Puzzle Pirates accounts and possibly other non-game related dangers.

While we do not believe these bad actors intend to stop, we’re investigating all of our legal options. They are doing this to upset us and all the pirates in our community. If you are contacted by these reprobates please ignore them and forward any logs, screenshots, or other evidence to support@puzzlepirates.com.

Long Term Plans

Cyber attacks are something every online company has to contend with, even a small game like ours. As a small team developing a game that’s almost 2 decades old, we’ve spent countless hours preventing these attacks to the detriment of our new content roadmap. Time and time again these attacks are causing us to delay content or delay implementing changes to the game. Rather than simply reporting a found issue, they will create havoc and cause a lot of damage which costs a lot of time to clean up. Each time this happens, it takes valuable time from our developers that we’d rather spend creating something fun or fixing long standing game related issues.

We have been lucky to keep Puzzle Pirates going for these last twenty years. Keeping the game safe will continue to be our number one priority. To help us be able to both protect our community and create new content, we will be doing the following:

• We will be hiring another developer and another member for our support team. You can expect to see those job postings in the near future.
• We will be introducing a bug bounty program. Essentially if someone reports a serious exploit or security vulnerability without also taking advantage of it, we’d compensate them financially. We will post more details regarding this program once it’s ready to be implemented.
• We are building a new website. From the player’s point of view, it will look very similar. However the backend will be quite different and allow for us to add even more safeguards.

The team at Grey Havens and I apologize for the recent troubles. We are doing our best to make sure it won't happen again. It's been a privilege to sail with you these decades and we hope to do so for many more.

Ahoy,

We've reviewed the logs captured during this incident to identify all the accounts who might have had their information exposed. This kind of task can be pretty time consuming, so thank you for your patience. As Daniel mentioned, the number of accounts that may have been exposed was quite small, and the vast majority were previously banned.

I've completed sending out notices to all those who might have had their information accessed during this cyber attack. Notices were sent to the email address associated with your account. If you were contacted and have some questions, feel free to respond to the email. Similarly, if you have information regarding this attack, please forward it to support.

As we have more information on our long term plans, we'll post them here.