Cyber Incident Victim: Bohemia Interactive
Date:
Feb 2016
Location:
Czechia
Summary
A potential security breach targeted the feedback tracker systems for DayZ and ArmA 3, prompting the developer to take these platforms offline for investigation. While no evidence confirmed user data compromise, affected users were advised to change passwords reused elsewhere, as the Mantis Feedback Tracker operated separately from more secure account systems unaffected by the incident. This followed a recent separate forum breach where hackers accessed and downloaded usernames, passwords, and emails, leading to migration to a more secure authentication model prior to this event. The company initiated a full investigation into the feedback system intrusion to determine potential data exposure.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 2 motives | 3 techniques |
| Threat Actors | Type | Location |
|---|---|---|
| 0 actors | Available to members | Available to members |
Description
On February 19, 2016, Bohemia Interactive announced a potential security breach affecting the Mantis Feedback Tracker systems used for their games DayZ and ArmA 3. The company detected an attempted compromise of the feedback.dayz.com and feedback.arma3.com websites, prompting immediate containment measures. Bohemia took all Feedback Tracker systems offline to conduct a thorough investigation, though initial assessments found no conclusive evidence that attackers successfully extracted user data. The developer publicly disclosed the incident through its official forums, advising users who had reused passwords across multiple platforms to change them immediately on all affected services. This precautionary measure addressed the risk of credential stuffing attacks leveraging potentially exposed login details. Bohemia clarified that its primary Bohemia Accounts system—used for forums and store services—remained unaffected due to its separation from the compromised Feedback Tracker infrastructure. The incident marked the second security event within weeks, following a separate breach of the legacy DayZ forums approximately two weeks prior.
The earlier forum breach had resulted in confirmed unauthorized access to all user credentials, including usernames, email addresses, and passwords stored on the compromised IPBoards system. In response to that incident, Bohemia had migrated authentication to its custom-built Bohemia Accounts platform, citing enhanced security protections compared to the legacy system. The February 2016 Feedback Tracker breach investigation aimed to determine whether similar credential exposure occurred through the Mantis system. No forensic timeline or attacker methodology was disclosed publicly regarding either incident. Bohemia maintained operational separation between the compromised Feedback Tracker and its core account systems throughout both events, limiting potential cross-system impacts. The company's repeated security advisories emphasized password hygiene for users with shared credentials across gaming platforms.