The forums for Epic Games were hacked today, just the latest reminder of the dangers of using one password for all of your sites.
Odds are it won’t ruin your life if someone steals your Epic Games forum account and starts posting unpopular opinions about Infinity Blade or Unreal. But if you use the same password on that site as you do for your email, or your bank, you’re kind of screwed unless you change those passwords quickly.
Epic Games says that emails were leaked for the Unreal Engine and Unreal Tournament forums, but not passwords in any form. Users of “legacy forums” for Infinity Blade, UDK, previous Unreal Tournament games, and archived Gears of War forums were a little worse off according to a statement from Epic Games.
The hack of those forums “revealed email addresses, salted hashed passwords and other data entered into the forums,” according to the statement. “If you have been active on these forums since July 2015, we recommend you change your password on any site where you use the same password.”
We have placed our forums in maintenance mode while we investigate the recent compromise.
— Epic Games (@EpicGames) August 23, 2016
The forums for Paragon, Fortnite, Shadow Complex, and SpyJinx were not affected, according to Epic Games.
Again, this is why you shouldn’t use the same password on every site. If you were a member of that forum, and used the same email/password combination as your primary email account, hackers now have your email password. Change your password now, and consider using a password manager to generate unique passwords for every service you use.
While you’re at it, it’s probably a good time to enable two-factor authentication on as many services as possible. Any step you put between would-be hackers and your private information is a good thing, so take the time.