UPDATED: Some Black Desert Online Accounts Preemptively Locked After 3rd Party Site Security Breach
UPDATE: We've received additional information from Kakao & Pearl Abyss about the data breach.
GM Dew here from the Kakao GM team. I can see a lot of you are concerned about how this data got leaked. I want to reassure all of you that your account safety is our top priority here at Kakao Games, and that this data breach did not happen on our side. What happened here is that a lot of players use the same email and password on a lot of different services. Over the past years, there have been many many data breaches in a lot of very popular websites.
So who is affected? Players that use the same email and password on several different sites / services / games, one of which has had a data leak in the past.
On our side, there has been no data leak, and your passwords are all saved in an encrypted way, using the latest standards and technologies. However, as long as players are still using the same email + password combination that are already unsafe, they will be vulnerable to getting hacked. This doesn't count just for BDO, but anywhere where you are using the same account info. This is the very reason why we advise everyone to use 2 Step Verification, and to change your password often. On top of that, as soon as we are alerted of such an account list being shared, we immediately lock the listed accounts for verification and reset the passwords to protect them from any further harm. We also pro-actively send out an email to the affected email addresses to let them know this email + password combination is no longer safe.
So please everyone, make sure to change your password often enough, and avoid using the same email + password combination everywhere. Being hacked like this is something only you yourself can prevent.
After a security breach of Black Desert Online user information, Kakao Games has locked down some player accounts. The company posted late yesterday that it had become "aware that account information of a number of users has been posted publicly on various sites and platforms" which led to the locking down of all "known accounts".
At this time, Kakao is unclear "if this data breach was from Kakao or a third party site". At this time it's only confirmed that the information found on "various sites and platforms" is specific to Kakao accounts. Information is said to be in the form of "unencrypted and validated data".
To retrieve the account, players will need to provide several pieces of information:
When contacting customer support please ensure the following:
- You must contact us from the new email address you created.
- State the email address your account is currently associated with.
- A photo of your photo ID card, taken in front of today's physical newspaper clearly showing the date, or over your screen showing your open ticket needs to be added as an attachment to the ticket. Please understand we will have to delete the tickets with the incorrectly added pictures, which may slow down the process for you.
- Please obscure the identity number and pass photo before you send or scan us a copy of your ID.
By submitting your personal identification for account verification, you consent to the handling and processing of the information you provide. Once processed, your personal identification will be deleted along with the holding ticket within 90 days.
Read the full post on the Black Desert Online site.
Thanks to our anonymous tipster.