1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.
  2. Two Factor Authentication is now available on BeyondUnreal Forums. To configure it, visit your Profile and look for the "Two Step Verification" option on the left side. We can send codes via email (may be slower) or you can set up any TOTP Authenticator app on your phone (Authy, Google Authenticator, etc) to deliver codes. It is highly recommended that you configure this to keep your account safe.

Gamespy now leaking UT3 email address(es)

Discussion in 'Unreal Tournament' started by IronMonkey, May 18, 2014.

  1. IronMonkey

    IronMonkey Moi?

    Joined:
    Apr 23, 2005
    Messages:
    1,746
    Likes Received:
    0
    It would seem that Gamespy has managed to disclose the email address used to register my copy of UT3.

    Spamming gits have started using it.

    The email address was unique to UT3 and since I haven't played UT3 for several years, it is unlikely that it has been sniffed in transit.

    Just adding insult to the injury of having had to use Gamespy. :(
     
  2. Arnox

    Arnox UT99/2004 Mod Crazy

    Joined:
    Mar 26, 2009
    Messages:
    1,598
    Likes Received:
    5
    Details? How exactly did it get loose? How do you know?
     
  3. Wormbo

    Wormbo Administrator Staff Member

    Joined:
    Jun 4, 2001
    Messages:
    5,913
    Likes Received:
    36
    Spammers have enough firepower nowadays to just try all possible email address names for known domain names.
     
  4. Princess_Die

    Princess_Die Always Out Numbered... Never Out Gunned

    Joined:
    Feb 22, 2006
    Messages:
    185
    Likes Received:
    0
    Neither of the two accounts I used for UT3 have gotten spam (yet).
     
  5. IronMonkey

    IronMonkey Moi?

    Joined:
    Apr 23, 2005
    Messages:
    1,746
    Likes Received:
    0
    I don't know how it got loose.

    I do know that I am now receiving spam to that address.

    The address was unique to the UT3 account, not related to UT3, not easy to guess and not used anywhere else (has never been near my email client).
     
  6. leilei

    leilei ANIME ELF'S !!

    Joined:
    Jan 20, 2008
    Messages:
    574
    Likes Received:
    8
    GLU MOBILE - CORPORATE MAILBOX FILLERS
     
  7. ambershee

    ambershee Nimbusfish Rawks

    Joined:
    Apr 18, 2006
    Messages:
    4,519
    Likes Received:
    7
    This. Brute force is common now, and once an e-mail doesn't bounce, they know it's a legit address. If it bounces with a legit bounce message, they know it's a real server too.
     
  8. IronMonkey

    IronMonkey Moi?

    Joined:
    Apr 23, 2005
    Messages:
    1,746
    Likes Received:
    0
    My domain is set to accept all email. If I had been subject to a brute force attack I would have known.

    The odds of a random brute force attack finding exactly the obscure (non-dictionary) and lengthy email address that I used for this account seem rather long to me.

    All I know is that the address is out there.

    I don't know the exact mechanism by which it got disclosed but let me pose one possibility that I have seen before: When equipment and services are being decommissioned, they should be properly erased before being released into the recycling/disposal process (usually done by a third-party). That doesn't always happen, especially if it is the loss-making service and not just the equipment that is being shut down.
     
  9. Alhanalem

    Alhanalem Teammember on UT3JB Bangaa Bishop

    Joined:
    Feb 21, 2002
    Messages:
    2,238
    Likes Received:
    0
  10. leilei

    leilei ANIME ELF'S !!

    Joined:
    Jan 20, 2008
    Messages:
    574
    Likes Received:
    8
    That doesn't matter now though, we all now know the intent of a 'mobile' company purchasing a service provider and the damage has been done.
     

Share This Page