Reuters wrote:NEW YORK (Reuters) - Second Life, the fast-growing online site where hundreds of thousands of people play out fantasy lives online, has suffered a computer security breach that exposed the real-world personal data of its users.
Linden Lab, the San Francisco-based company behind the Second Life site, said in a letter to its 650,000 users this weekend that its customer database, including names, addresses, passwords and some credit card data, had been compromised.
All users -- or residents in Second Life parlance -- are being required to request a new password. Some 286,000 residents have used the site in the past 60 days, according to a count on the home page at http://www.secondlife.com/.
Reuters wrote:The database breach potentially exposed customer data including the unencrypted names and addresses, and the encrypted passwords and encrypted payment information of all Second Life users, Linden Lab said in the message to users. Unencrypted credit card information, which is stored on a separate database, was not compromised, it said.
The breach was discovered on September 6. The company launched an investigation that revealed an intruder was able to access the Second Life databases utilizing a "Zero-Day Exploit" through commercial software used on Second Life servers.
"Due to the nature of the attack, the company cannot determine which individual data were exposed," Linden Lab's statement said. A technical probe is ongoing, it said.
Yep, nasty one.
They handled it VERY well imo though, when they found out, ALL users were required to do a MANDATORY password change, could not even log in on the old one. You could request a new password from their database, and i sure hope that everyone remembered to give a usefull "secret question" question and answer, or they are pretty screwed, at least till LL would take mail or phone calls.
I dont think i even heard of any other company requiring password changes for everyone after being hacked.
"Terrorism is the war of the poor, and war is the terrorism of the rich"
Hesten wrote:Yep, nasty one.
They handled it VERY well imo though, when they found out, ALL users were required to do a MANDATORY password change, could not even log in on the old one. You could request a new password from their database, and i sure hope that everyone remembered to give a usefull "secret question" question and answer, or they are pretty screwed, at least till LL would take mail or phone calls.
I dont think i even heard of any other company requiring password changes for everyone after being hacked.
I remembered my seekrit question!
All is not entirely well though. On Sept 6th, I had a Linden/U.S. dollar transaction which has vanished. So far, customer service hasn't responded (understandable with the security thing going on) but that needs to be resolved before I give SL the thumbs up for them handling the hack.
Second Life kicks ass for what it is. I'm not playing much atm with lots of other things taking my time but will always head into SL here and there.
It's going to face a lot of growing pains in the next year as it's user base is climbing fast. The nice thing about SL is when they want to, they can take down the world sim by sim for updates instead of take down the entire world. I read somewhere that Linden Labs is rewriting the engine and will be able to switch over it eventually with just a patch.
Linden Labs needs to work on sim capacity if it plans to make it viable for large scale commercial events like concerts, etc. While Second Life can handle 100,000 people online, right now, individual sims top out around 60 which would barely be enough to hold a CT guild meeting.
They might want to add voice chat eventually. Streaming audio has made DJing in SL routine.
You can send an IM offline using email to someone in the game but it doesn't always work (depends on how long ago the last message was sent). SL needs an EQChat type addition to allow communication between offline and online people. A lot of merchants provide support/customer service and it would help a great deal to not have to log into the game sometimes.
If Second Life was publicly traded, now would be a good time to buy stock, especially after the hacker intrusion would have caused a dip.
Winnow wrote:... right now, individual sims top out around 60 which would barely be enough to hold a CT guild meeting.
If that meeting was held the day after the guild was formed maybe. A CT guild meet in their heyday would have choked a WoW cluster.
Sorry, I couldn't resist.
p.s. SPAWN MORE OVERLORDS!
"There is at least as much need to curb the cruel greed and arrogance of part of the world of capital, to curb the cruel greed and violence of part of the world of labor, as to check a cruel and unhealthy militarism in international relationships." -Theodore Roosevelt
Hehe, i seen 74 people in one sim, ONCE. when the club i dance in had its 1 year anniversary.
Crashed 2 or 3 times that night, but we did see those 74 on without any crashes
But yeah, they REALLY need to work on getting more people in 1 sim. Those live concerts and stuff really need more than 60+ people
"Terrorism is the war of the poor, and war is the terrorism of the rich"
This could be better than Deadwood or the Sopranos!
HBO documentary wants to speak with couples and expats in NYC area
Two requests:
1. Are you part of a Second Life couple in the NYC area? Did you meet in-world and get together in real life or are you just part of an in-world relationship?
2. Did you come to Second Life after leaving another virtual world or game to form your own community in SL?
This is for a documentary about MMORPGs for HBO and the production company is specifically looking for NYC area subjects. The producers will call you for a preliminary interview and if you are chosen to participate, you'll be required to do an on-camera interview.
Let me know if you're interested and provide your RL name, number, how long you've been in SL and how you'd like to participate. Contact me at
