The virtual world of Second Life has been hit with some very real criminals. Linden Lab, the owner of the Second Life game, warned players that hackers have illegally accessed a database containing player names and financial information. As a precaution, the company has invalidated all accounts and is requiring players to set new passwords.
According to Linden Lab founder Robin Linden, a hacker was able to access a database through one of the web servers. The attack was discovered on September 6th and Linden says the exploit has been eliminated. After further investigation, IT staff found that the unencrypted part of the database had been compromised and that the hackers had been able to access account names, real names, along with passwords and some financial information.
While some financial information was accessed, Linden said unencrypted credit card information should be safe. “Unencrypted credit card information has not been compromised,” wrote Linden in a letter to Second Life players.
Second Life is a virtual world which has a similar look and feel to Electronic Arts’ “Sims” video game. Players have three-dimensional characters that can create objects and residences. Real currency can be converted into virtual dollars that can buy houses, real estate and even entire islands. According to Linden Lab, there are more than 660,000 players and several thousand are online at any time.
Players are advised to create a new password by clicking the “Forgot Password” link on the Second Life homepage. A link will be emailed to players which will take users to a webpage asking for the answer to a security question.