Hackers steal more than 1 million Steam codes for DiRT 3

Jos

Posts: 3,073   +97

Some 1.7 to 3 million Steam codes for a free copy of Codemasters' DiRT 3 have been leaked onto the web, according to reports. The codes were meant to be distributed with specific Radeon cards and redeemed at AMD4u, as part of a promotion by the game's publisher and AMD. But apparently hackers made off with the codes via a .htaccess exploit on the graphics firm's server and released them onto various forums.

The exact number of codes leaked is as-of-yet unknown, but Codemasters says it is already working on blocking those codes now to prevent them from being used. The codes should be easy to track down via Steam. It's unclear if users would simply lose access to the game or see their accounts being blocked. Though the latter seems unlikely, your best bet is to skip on any eye catching deals for DiRT 3 Steam codes on eBay and the like for a while.

As Gamasutra notes, this is the second major hacking incident that Codemasters has had to deal with in just a few months. In June, the studio announced that hackers had broken into its site and gained access to its members' personal information, including thousands of registered CodeM and forum users' names, email addresses, phone numbers, dates of birth, passwords, IP addresses and Xbox gamer tags -- - though personal payment details were not stored or at risk.

Update: AMD has sent us the following statement regarding the hack:

"This past weekend, activation keys associated with free Dirt 3 game vouchers shipping with select AMD products were compromised.  These activation keys were hosted on a third-party fulfillment agency website, www.AMD4u.com, and did not reside on AMD’s website.  Neither the AMD nor Codemasters servers were involved.

We are working closely with Steam, Codemasters, and our fulfillment agency, to address the situation. AMD will continue to honor all valid game vouchers, however the current situation may result in a short delay before the vouchers can be redeemed."

Update 2 (Sep. 14): The Dirt 3 redemption site is now fully operational again.

"AMD is pleased to announce that, having worked closely with Steam, Codemasters, and their fulfillment agency, AMD has now addressed the situation with Dirt3 game vouchers and the Dirt3 redemption page is now fully operational. Consumers are now able to input their existing codes for redemption of all valid vouchers."

Permalink to story.

 
If the codes were mean to be box shipped whit AMD video cards, why did they had it in their servers?
couldn't they just have some off-servers network or even a windows 95 PC that is not wired to the whole servers?
 
I bought a key off some site a while ago for like $15 and i have a feeling it was one of these stolen keys.
 
Cota said:
If the codes were mean to be box shipped whit AMD video cards, why did they had it in their servers?
couldn't they just have some off-servers network or even a windows 95 PC that is not wired to the whole servers?

the codes aren't in the boxes, you receive them in email from the retailer you bought the card from, which you then activate/download from steam

amd run this promo for most games that have been released with the gaming evolved logo...deus ex hr being the latest
 
[/quote]
the codes aren't in the boxes, you receive them in email from the retailer you bought the card from, which you then activate/download from steam[/quote]

ah! well since i saw "were meant to be distributed with specific Radeon cards" i assumed they came in the box (also the AMD page is offline, so no info), since they had gave codes for Passmark software whit them too
 
It's unclear if users would simply LOSE access to the game or see their accounts being blocked.

*fixed*

PS, Does anyone finish public school anymore?
 
"PS, Does anyone finish public school anymore? "

My thoughts exactly, but that word is misspelled often. Also, have you read these other comments? OMFG! people can't write worth Shiznetz.
 
Guest said:
"PS, Does anyone finish public school anymore? "

My thoughts exactly, but that word is misspelled often. Also, have you read these other comments? OMFG! people can't write worth Shiznetz.

The preferred spelling is S-H-I-Z-N-I-T-S, although although E-T-Z is an acceptable ethnic variant.
 
"Hackers?" I hate when articles do this. It was a simple directory of plain text file available to the public. The dumb guy forgot to put an .htaccess file and everybody on the internet could access them..
 
Guest said:
It's unclear if users would simply LOSE access to the game or see their accounts being blocked.

*fixed*

PS, Does anyone finish public school anymore?

Some people don't have English as their native language. And probably these people speak a second language better than a lot of people speak their native language. No need to post insults but could have just messaged the author and advised him of his mistake.

On topic, I doubt a few millions codes will be a major issue for them to block/ban. I do agree with what others have commented though, why wasn't this data just held offline?
 
I know it's not going to be easy to block and take them off the internet. Once it has been released you never know exactly where it can end up. They can even hide it right in front of their faces and not know about it sadly. Hopefully this can be resovled without any troubles ya'know? =3
 
Back