Hackers have stolen usernames and passwords from gaming companies Bethesda Softworks, Codemasters and Epic Games in separate attacks over the weekend.
Infamous hacking group Lulzsec claimed to hold more than 200,000 user account details of Bethesda Softworks’ video game Brink, but said it would not release the list.
Instead it published source code and database passwords attached to the Brink web site on file sharing web site The Pirate Bay.
In a separate attack, hackers stole customer postal and email addresses, telephone numbers, order histories and Xbox Live Gamertags from Codemasters, along with usernames and encrypted passwords.
The attackers targeted the Codemasters e-store, its corporate and main websites, and a VIP redemption code page used for the video game Colin McRae Dirt 3.
“Whilst we do not have confirmation that any of this data was actually downloaded onto an external device, we have to assume that as access was gained, all of these details were compromised and/or stolen,” the company said in an email to customers.
Codemasters.com redirects to the company’s Facebook page and will remain offline until the site is relaunched later this year.
“We assure you that we are doing everything within our legal means to track down the perpetrators and take action to the full extent of the law. We apologise for this incident and regret any inconvenience caused.”
Meanwhile hackers launched a third attack against Epic Games websites including a forum, and made off with email addresses and encrypted passwords.
Epic Games founder Tim Sweeny apologised to customers in an email and said the company had reset passwords to prevent the risk of brute force attacks against the encryption.
“The Unreal Developer Network hasn't been compromised. Thankfully, none of our web sites ask for, or store, credit card information or other financial data,” Sweeny said.
“We're sorry for the inconvenience, and appreciate everyone's patience as we wrestle our servers back under control.”
LulzSec also hacked a US Senate web server and published user credentials, directory lists and Apache web server configuration files.
"This is a small, just-for-kicks release of some internal data from Senate.gov - is this an act of war, gentlemen?” it wrote.