Looks like a nearly 16 month old data breach on the servers that host the Star Trek Online universe was recently discovered by its host Cryptic Studios.
In an email to affected customers Cryptic Studios notified them that their password had been reset and would need to be changed for further access.
As a result of routine security checks and upgrades, we have discovered that certain of your account information, including your password, may have been accessed by an unauthorized party.
For your security, we’ve reset the password on your account. You can recover your password via the "forgot password" link on the official Star Trek Online or Champions Online web sites:
https://www.startrekonline.com/user/password
https://www.champions-online.com/user/passwordIf you have used your account name and password for other accounts, especially financial accounts or accounts with personal information, you should consider changing your password on other services as well.
For full details on the unauthorized access, please read the notification here.
Apologies for the inconvenience.
Customer Service
Cryptic Studios
According to the blog post the information that was accessed included user account names, handles and encrypted passwords. They then go on to say that even though the passwords were encrypted they have evidence that the individuals were able to crack some of those passwords.
Just another example why you should not use the same user name and passwords on multiple accounts because the breach of one system could give an unauthorized individual access to other systems.
That is why a tool like LastPass is handy for managing random and challenging passwords.
