Cyber Incident Victim: DayZ gaming community

The DayZ online forums suffered a security breach on or around January 23, 2016, when hackers from the Saudi Arabian group OurMine infiltrated the platform. OurMine publicly claimed responsibility by posting a visible topic on the forum's main page and sharing a screenshot of their access on their Tumblr account. The attackers compromised a database containing details of over 200,000 registered users, specifically extracting usernames, email addresses, and hashed passwords. The forum software, identified as an outdated version of IPBoard, hosted the vulnerable authentication system. DayZ's development team at Bohemia Interactive first acknowledged the incident publicly through Twitter, warning forum users of the breach while investigations remained ongoing. The standalone survival game, though still in alpha development stages at the time, maintained an active community through these compromised forums.

Following initial detection via the hackers' forum post, Bohemia Interactive launched an investigation confirming unauthorized database access and data exfiltration. The company issued direct communications to all affected forum users, urging immediate password changes and advising against password reuse across other accounts. As a containment measure, developers announced plans to replace IPBoard's native login system with Bohemia's proprietary authentication infrastructure already securing other company services. No evidence suggested compromise beyond forum credentials, though the scale exposed approximately 200,000 accounts. The public response emphasized transparency through Twitter updates, detailing breach confirmation and planned security upgrades without disclosing technical vulnerabilities. User notifications reiterated the theft of hashed passwords while acknowledging operational disruptions to forum services during remediation.