MAY 26, 2010 • Security firm Symantec discovered a server hosting the credentials of 44 million stolen gaming accounts. The server was deemed part of a distributed password checker targeted at Chinese gaming websites. The stolen login credentials were from specific online titles, as well as user login accounts associated with sites that host a variety of online games.

Impact: Stolen accounts have real and significant cash value on the secondary market, hence the illicit activity. Unfortunately, the bulk of this buying and selling happens off the grid through illegitimate sources, so there isn’t any oversight or regulation resulting in publishers and players alike falling prey to account, credit card theft and other factors. Yet there is growing consumer demand, mainly from Western game players, so the gold farmers and thieves continue to have market to sell-in to. In the absence of a legitimate marketplace demand will continue to funnel to the black market. That’s why services like Live Gamer work with game publishers to legitimize player-to-player activity through anti-fraud mechanisms such as item escrow via integration with game databases.