An official BioWare post by Aaryn Flynn on the official Bioware forums confirmed that a hacker had gained access to the old server tied to the studio's Neverwinter Nights forums, leaving thousands of user accounts vulnerable to theft.
Fortunately, the only information the hacker may have taken was limited to user account names, passwords and e-mail addresses. Further details are as follows:
Yesterday (June 14), we learned that a hacker gained unauthorized access to the decade-old BioWare community server system associated with the Neverwinter Nights forums. We immediately took appropriate steps to protect our consumers’ data and launched an ongoing evaluation of the seriousness of the breach. We have determined that no credit card data was compromised, nor did we ever have or store sensitive data like social security numbers. However hackers may have obtained information such as user account names and passwords, email addresses, and birth dates of approximately 18,000 accounts–a very small percentage of total users. We have emailed those whose accounts may have been compromised and either disabled their accounts or reset their EA Account passwords. If you did not receive an email from us, or if your password still works for your EA account, your username and password were not compromised. Nevertheless, changing your password regularly is always helpful to protect your account.
We take the security of your information very seriously and regret any inconvenience this may have caused you. If your username, email address and/or password on the Neverwinter Nights forums are similar to those you use on other sites, we recommend changing your password at those sites as well. We advise all of our fans to always be aware of any suspicious emails or account activity and report any suspicious emails and account activity to Customer Support at 1-866-543-5435.
Aaryn Flynn
Studio GM, BioWare Edmonton
VP, Electronic Arts