Desde Bundlestars envían un correo acerca de un fallo de seguridad en el que un numero sin determinar de cuentas de usuario con sus respectivas contraseñas. No saben determinar exactamente como ha sido ese robo por lo que recomiendan cambiar la contraseña de todas las cuentas. Al parecer han tomado la medida inicial de reiniciar manualmente todas las contraseñas en la web por lo que no deberíais poder entrar con vuestra contraseña que utilizabais hasta ahora y para acceder teneis que solicitar una nueva en este enlace. Lo único que ha podido verse comprometido son las keys que estuviesen guardadas en el perfil de usuario y que no activaseis en su momento ya que los datos referentes a tarjetas de credito y/o Paypal no se guardan en la web y por tanto no hay problema con ello..
Os dejo una copia del correo:
"We have noticed attempts to access Bundle Stars customer accounts by entering, what we believe to be, stolen email address and password combinations, so we have taken the precaution of resetting all user passwords across the website. Customers' financial information, such as PayPal, credit or debit card details is not stored on the Bundle Stars website, so has NOT been compromised and is not at risk.
We have reason to believe that a number of customer accounts may have been accessed without the permission of the account holder. We think it is likely that an individual or individuals obtained, from the public domain, a list of compromised accounts which have been stolen from other websites.
If your account has been affected, then your email address, password, order history and purchased Steam keys may have been accessed.
Next time you sign in, you will be required to change your password. You will then be able to access your account and order history as normal.
WHEN ENTERING YOUR NEW PASSWORD WE STRONGLY RECOMMEND THAT, TO PROTECT YOUR ACCOUNT, YOU USE A UNIQUE AND PREVIOUSLY UNUSED PASSWORD.
We would also encourage you to update your password across any other websites where you have used the same or similar passwords, and do this as soon as you possibly can.
If your previous email and password combination was unique to Bundle Stars, then your account will not have been affected.
We apologise for the inconvenience and concern that this may have caused you as a member of the Bundle Stars community. We have acted quickly to investigate and take security precautions to protect our customers by removing all passwords so that every customer must choose a new password. We also invalidated the session so that all customers were logged out, and implemented reCAPTCHA.
It is important to stress that our investigation indicates that this breach has not been caused by any compromise of our internal security systems but has been caused by an attack by an individual or individuals that have obtained user and password details from compromised accounts stolen from other websites. Robust security systems and processes are critical to our service and we continuously invest in our information security system to meet evolving threats.
If you have any concerns about your account, please click here to view our FAQ page, or alternatively please contact our support team: [email protected]
Thank you for your understanding on this matter, and we apologise unreservedly for any inconvenience.
The Bundle Stars Team"