Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!


Forgot your password?

Submission Summary: 0 pending, 0 declined, 2 accepted (2 total, 100.00% accepted)

DEAL: For $25 - Add A Second Phone Number To Your Smartphone for life! Use promo code SLASHDOT25. Also, Slashdot's Facebook page has a chat bot now. Message it for stories and more. Check out the new SourceForge HTML5 internet speed test! ×
Role Playing (Games)

Submission + - Second Life database intrusion via web

Jim writes: A major security exploit was discovered by Linden Labs, the company that operates Second Life. It turn out that on September 6th, a exploit was discovered that allowed an intruder to access the Second Life database via the web servers. They proceeded to close the exploit. Today, September 8th, they finally announced this to residents and cancelled ALL PASSWORDS. They have asked everyone to use the reset password form to make a password. The form asks basic security questions such as: "What street did you grow up on." This has resulted in mass confusion amongst residents on the forums who cannot remember their security question.

Calls to Linden Labs offices in California are directed to a message telling residents to change their password via secondlife.com/password.

According to the Second Life Blog: http://blog.secondlife.com/ :

"On September 6 we discovered evidence that an intruder was able to access the Second Life database through the web servers. The exploit was shut down on the afternoon of September 6 when we discovered it.

Detailed investigation over the last two days confirmed that some of the unencrypted customer information stored in the database was compromised, potentially including Second Life account names, real life names and contact information, along with encrypted account passwords.

No credit card information is stored on the database in question, and that information has not been compromised.

As a precaution we have invalidated all Second Life account passwords. In order to log-in to Second Life you will have to create a new password. Please access the log-in page at https://secondlife.com/password, and click on the "Forgot Password" link. An email will be sent to the email address you have registered with us. (Don't forget to check your spam filter!) Please click through the link in that email, answer the security question, and create a new password."

Slashdot Top Deals

Every little picofarad has a nanohenry all its own. -- Don Vonada