Telstra GameArena hacked, 35K accounts lost

update Telstra has revealed that a third-party company responsible for its GameArena and Games Shop websites has fallen victim to a hacking attack, spilling the details of up to 35,000 customers.

Telstra said that the information leaked was limited to BigPond Games usernames, the email addresses used to join the site and encrypted passwords. Depending on the encryption used, these passwords should be safe, but, as a precautionary measure, Telstra has reset the passwords of up to 230,000 GameArena and Games Shop customers who aren't using a BigPond email address. This is despite Telstra's belief that only 35,000 customers were affected.

The company also recommends that customers change their passwords on other websites where they may have used the same one.

ZDNet Australia contacted Mammoth Media, which lists GameArena as one of its clients, to confirm that it had been affected by an attack, but did not receive a response at the time of writing.

No financial or credit card details were on the sites, and Telstra has stated that BigPond broadband customer information was not affected by the incident.

This is not the first data breach to affect the company, with BigPond customer information being exposed in December last year, after one of Telstra's internal tools was indexed by Google and made public.

The incident, which saw the details of about 60,000 BigPond accounts exposed, attracted the attention of the privacy commissioner, and was slammed by security and privacy experts as being worse than the Sony and Vodafone breaches that preceded it.

Updated at 11.15am, 24 May 2012: updated figure on accounts being reset.