Riot Games Pwned And The Company Gives The Hackers Behind It A Big Middle Finger

I report on companies getting pwned by hackers. But I rarely get to report on companies that have been pwned flipping the bird metaphorically speaking to said hackers. Take Riot Games. They were hacked last week.

Yesterday, the company updated this situation with a very interesting response:

So the company had source code stolen. But they aren’t going to pay the hackers who were apparently were asking for $10 million.

While in the short term, I can see a scenario where cheats for various Riot Games appear, this is the right decision because stolen data is only valuable if the hackers get paid. So how valuable is the data that was stolen I ask? And also, Riot has been very transparent. More so than I am used to seeing.

David Maynor, Senior Director of Threat Intelligence, Cybrary had this to say:

   “This is one of the better way to handle an ransomware event. They laid everything out include potential downsides but ends on a cherry note that most of the stolen code was prototype and was never designed to be released. This is transparency personified.”

Michael Slipsager, CEO, BullWall follows up with this commentary:

   “Riot Games will not be paying the $10 million ransom demand to stop the leak of their source code.  Good for them and for practicing full transparency on the breach, as paying the ransom not only emboldens hackers to continue their attacks, but it also does not guarantee that the stolen data will not be released.

   “Despite taking steps to protect their data, even companies with strong security measures in place can still fall victim to a ransom attack and can still suffer the consequences of a ransom attack, such as loss of sensitive data, reputational damage, and financial losses. 

   “Even well-prepared companies like Riot Games may find themselves vulnerable to a ransom attack and it is important for all companies to stay vigilant and have a robust incident response plan in place to minimize the impact of such attacks.”

I applaud Riot Games for taking this stance. If more companies would do something like this as opposed to paying the ransom, hackers would be out of business shortly thereafter.

Leave a Reply