Gamespy now leaking UT3 email address(es)

  • Two Factor Authentication is now available on BeyondUnreal Forums. To configure it, visit your Profile and look for the "Two Step Verification" option on the left side. We can send codes via email (may be slower) or you can set up any TOTP Authenticator app on your phone (Authy, Google Authenticator, etc) to deliver codes. It is highly recommended that you configure this to keep your account safe.

IronMonkey

Moi?
Apr 23, 2005
1,746
0
36
62
Scotland
www.margrave.myzen.co.uk
It would seem that Gamespy has managed to disclose the email address used to register my copy of UT3.

Spamming gits have started using it.

The email address was unique to UT3 and since I haven't played UT3 for several years, it is unlikely that it has been sniffed in transit.

Just adding insult to the injury of having had to use Gamespy. :(
 

Princess_Die

Always Out Numbered... Never Out Gunned
Feb 22, 2006
185
0
0
Neither of the two accounts I used for UT3 have gotten spam (yet).
 

IronMonkey

Moi?
Apr 23, 2005
1,746
0
36
62
Scotland
www.margrave.myzen.co.uk
This. Brute force is common now, and once an e-mail doesn't bounce, they know it's a legit address. If it bounces with a legit bounce message, they know it's a real server too.

My domain is set to accept all email. If I had been subject to a brute force attack I would have known.

The odds of a random brute force attack finding exactly the obscure (non-dictionary) and lengthy email address that I used for this account seem rather long to me.

All I know is that the address is out there.

I don't know the exact mechanism by which it got disclosed but let me pose one possibility that I have seen before: When equipment and services are being decommissioned, they should be properly erased before being released into the recycling/disposal process (usually done by a third-party). That doesn't always happen, especially if it is the loss-making service and not just the equipment that is being shut down.
 

leilei

ANIME ELF'S !!
Jan 20, 2008
575
8
18
That doesn't matter now though, we all now know the intent of a 'mobile' company purchasing a service provider and the damage has been done.