Like always, there are more and more cyber-attacks that have been showing up in recent days. From the EQUIFAX Cybersecurity incident to the VEVO attack because an employee told hackers to fuck off. And now, we see that a gaming statistic service has been hit really hard with a ransom plea.
R6DB, an online service that provides statistics for Rainbow Six Siege players, went down over the weekend after an attacker wiped the company’s database and asked a ransom. In a statement released on Sunday, the company said an automated bot accessed their server, wiped the database, and left a ransom note behind.
The attacker’s bot was able to access the database because the company’s engineers left remote connections enabled for the database server from the development phase. All of this happened during a server migration.
“Due to the hectical and unplanned September migration, we didn’t have everything locked down yet, which led to this situation,” an R6DB spokesperson said. “They left a nice ransom message, but we have no reason to believe that they kept any data. On top of that our backups are useless, since they didn’t work on the Postgres codebase yet.”
The attacker only accessed the database, but they decided to wipe and reinstall the entire machine, just to be safe. However, it seems like some of the data is gone for good if the expectations by the engineers are anything to go by. Namely, player statistics, which are the reason why gamers used R6DB to begin with.
“We basically lost all our historical data,” said R6DB. “Some profiles are gone. We can re-index them when searched for, but that’s a step we can’t do ourselves.” The R6DB Staff says they never stored any personal data on Rainbow Six Siege players, so service users don’t have anything to worry about.
“Progressions (aka historical data) are [EXPLETIVE] They’ll fill up again over time, but the past is gone,” R6DB said. “We still have some older data, but about a months worth of aliases is lost.”
So it seems like even gaming services don’t keep up to date with the latest in security. Well, I guess we’ll keep seeing news like these until companies step up their security game. You can access the website right here and see any and all future updates that come by for the service