In a recent forum post CCP Games informed players of the attack, and explained that the best course of action was to disconnect the servers while they made further investigations.
“Our policy in such cases is to mobilize a taskforce of internal and external experts to evaluate the situation. At 03:07 UTC, that group concluded that our best course of action was to go completely offline while we put in place mitigation plans.”
CCP initially restored the Tranquility servers at 2:51 pm the same day, however in light of “additional information” the company “re-evaluated their decision” and disconnected the servers once again for further investigations.
After an “exhaustive scan of their entire infrastructure”, CCP Games was able to find the source of the attack itself:
“What we can now confirm is that a person was able to utilize a vulnerability in one of the back-end services that support the operation of the Tranquility server. This vulnerability has now been secured and thoroughly tested.”
CCP Games has since maintained server security and has fixed the vulnerability, and brought the servers back online.
CCP also assures gamers that their sensitive and private information was never accessed or compromised during the attack:
“We would like to stress that at no time was customer data compromised or accessible in any way.
The effort of returning the complex server structure of the EVE Universe and associated websites to service in a methodical and highly-scrutinized fashion began hours ago and Tranquility has now been brought online (at 10:13 UTC). Our teams will monitor the situation carefully in the coming hours to ensure that our services are accessible and that all customer data remains secure.
We will be looking at ways to compensate players in both EVE and DUST for the outage and expect to announce what that compensation will be very soon.
While we initially reopened EVE Online and DUST 514, at 14:51 UTC we became aware of additional information that led us to re-evaluate our decision. With the highest sense of precaution we took the decision to take Tranquility and associated websites back down for further investigation and an exhaustive scan of our entire infrastructure.”
The company hasn’t released any information regarding the culprit’s indentity, and it will be interesting to see if CCP Games finds the person responsible for the exploit—the odds are most likely against them in this case, though.