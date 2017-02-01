Gamers tend to be quite technically adept, with many hackers starting out seeking cheats for the online games they play – but in some cases, gamers become a potential vulnerability if their gaming activities lead to your most technical staff getting hacked at home – or are they more alert to the issue than most, and do they, as a result, avoid the pitfalls of password re-use?

In the wake of today's news that 2.5 million PlayStation and Xbox users globally have had their personal details leaked in what the Daily Mail newspaper describes as a major hack, companies may need to ask their IT staff, are you a gamer? The actual hack of forums 'XBOX360 ISO' and 'PSP ISO' is reported to have taken place in September 2015 but the gamers' email addresses, account passwords and IP addresses are only now being leaked – presumably after the original thieves have exhausted their use of them. XBOX 360 forum XBOX360 ISO accounted for 1.2 million of the accounts exposed.

Gaming forums have again become a favoured target in recent months notes Javvad Malik, IT security advocate at AlienVault who points out, “Typically they have weaker security, so it is easier for attackers to gain access to the passwords. Attackers rely on the fact that most users will reuse the forum password on other sites.

“While user education into the dangers of choosing easily-guessed, or re-using passwords should continue, companies need to evaluate all their digital assets equally from a security perspective. There is no such thing as a ‘low priority' public sit wherever a user account resides.

“Secondly, these attacks highlight the importance of effective security monitoring controls that can help detect threats underway in a timely manner. In this day and age, discovering a breach over a year after the attack is an eternity.”

This article originally appeared at scmagazineuk.com