Bethesda cuts out middle hackers – gives away credit card details

by Radu Tyrsina
Radu Tyrsina
Radu Tyrsina
CEO & Founder
Radu Tyrsina has been a Windows fan ever since he got his first PC, a Pentium III (a monster at that time). For most of the kids of... read more
Affiliate Disclosure

In recent weeks, we have had a number of tech companies allowing unauthorised access to their data. On the 30th November, Dell got hacked and last week, Sennheiser and Quora decided to join in the ‘fun’. It would seem that Bethesda has decided to go one better than Dell and Quora by just giving away users’ information, rather than making hackers work for it. Read on to find out more…

The Bethesda bag backstory

First of all, I think I need to give a bit of background here. When Bethesda released Fallout 76, customers could pre-order a canvas bag. However, in a display showing a complete lack of PR understanding, Bethesda decided to replace the canvas bags for nylon bags, except for influencers, who got the canvas editions, natch.


Predictably, there followed the usual outcry from the little people. Not unsurprisingly, they felt slightly aggrieved. How was it that the influencers were getting the good stuff (presumably for free), while the little people were not even getting what they paid for?

In true backtracking fashion, Bethesda did what most companies would do in its position. They apologised, retracted their original decision, and said that customers should put in a support ticket to get their bag as originally advertised.

Now comes the good bit…

After filling in a support ticket, Bethesda proceeded to give customers access to other people’s support tickets. This included personal information such as their names, home addresses, the type of credit card used, and (my personal favourite) the complete number of the credit card. Brilliant!

In response to this awesome display of incompetence, Bethesda shut down the website. On Twitter, where I believe the original flaw was reported, Bethesda released the following statement,

We experienced an error with our customer support website that allowed some customers to view support tickets submitted by a limited number of other customers during a brief exposure window. Upon discovery, we immediately took down the website to fix the error.

Well, that’s okay then.

In case you want to be secure while surfing the internet, you will need to get a full-dedicated tool to secure your network.  Install now Cyberghost VPN and secure yourself. It protects your PC from attacks while browsing, masks your IP address and blocks all unwanted access.

Wrapping it all up

I am assuming that Bethesda will not be held accountable for this appalling lack of security. True, it was ‘only’ credit card numbers, and not expiry dates or CVC’s, but so what? The fact that any customer information was given out shows a scale of incompetence worthy of a Microsoft cumulative update.

These companies are not going to change their ways until they are given substantial enough fines to force them to take security seriously. As Bethesda is an American game company, the US government almost certainly do nothing. Therefore, it behoves the EU to start slapping around some fines. That should get the ball rolling.


This article covers:Topics: