Security Update Discussion

First Riot Post
Comment below rating threshold, click here to show it.

TheSelected

Junior Member

08-20-2013

Could a member from the riot staff please contact me in regards to a potential bypass of the required password change? Thanks!

Edit 1: I created a support ticket with the instructions outlined. See ticket #7602434


Comment below rating threshold, click here to show it.

matrinox

Senior Member

08-20-2013

Quote:
Originally Posted by Vesh View Post
Some clarification here - the transaction IDs are randomly generated guids and do not contain any information about credit cards or other billing info.

this is entirely separated from the hashed cards that were used for a specific payment system in 2011. these transaction IDs do not reveal anything about your billing or payment information. they are basically equivalent to receipt numbers.
Vesh said this exact thing on a user-posted discussion titled "riots new payment system isnt secure. dont use it."

+3 here, -14 there as of right now. Just shows there are different demographics in each thread for those that are interested..


Comment below rating threshold, click here to show it.

proximuhtyZ

Senior Member

08-20-2013

Just a quick question. How come when I try to change my password it asks me to open or save a file name "json"


Comment below rating threshold, click here to show it.

downtothefilter

Member

08-20-2013

I received the e-mail from Riot and thought it looked suspicious so I came over to the forums to check it out. I'm still not convinced because after patching I wasn't prompted to change my password. What gives?


Comment below rating threshold, click here to show it.

Jukka Sarasti

Senior Member

08-20-2013

Quote:
Originally Posted by Gum Cuzzlin View Post
Riot... I am a California Citizen and I want an email discussing what personal information of mine was jeopardized.

Here is the law:

http://www.dmv.ca.gov/pubs/vctop/app...civ1798_82.htm
(B) Conspicuous posting of the notice on the Web site page of the person or business, if the person or business maintains one.

From your own damn link, that you apparently didn't fully read, as you post in a thread, that meets the above definition to a T. You don't get an email and there's nothing you can do about it because they met their obligation.


Comment below rating threshold, click here to show it.

Nsaneone

Senior Member

08-20-2013

Quote:
Originally Posted by MobocracyPanda View Post
I have a question here. Do you actually mean it's unreadable or are you just exaggerating a bit? I don't know how they obtained these things, in what way, ect. Is it readable if they have the right tools, or just unreadable no matter what is done?
I think what he meant to say is that they're not in clear (or plain) text.


Comment below rating threshold, click here to show it.

orghak 6

Member

08-20-2013

Quote:
Originally Posted by matrinox View Post
Vesh said this exact thing on a user-posted discussion titled "riots new payment system isnt secure. dont use it."

+3 here, -14 there as of right now. Just shows there are different demographics in each thread for those that are interested..
Actually it was at positive upvotes for a certain time, but then a user made a post that pointed to several inconsistencies in her and previous Red comments.

That's why it was downvoted.


Comment below rating threshold, click here to show it.

Cynicatt

This user has referred a friend to League of Legends, click for more information

Senior Member

08-20-2013

@Chager
This is nice. I like the amount of honesty I'm seeing from you here...
Though I still would like to know if there was any truth to when the hacker told us that he's friends with the CEO of Riot, or that he has a Riot employee leaking information to him.
I know the answer at this point is probably no, but it would be great to hear it from Riot.


Comment below rating threshold, click here to show it.

Skyhawke

Senior Member

08-20-2013

Quote:
Originally Posted by Gum Cuzzlin View Post
Riot... I am a California Citizen and I want an email discussing what personal information of mine was jeopardized.

Here is the law:

http://www.dmv.ca.gov/pubs/vctop/app...civ1798_82.htm
Lol. Did you read the whole thing?

Quote:
e) For purposes of this section, “personal information” means an individual’s first name or first initial and last name in combination with any one or more of the following data elements, when either the name or the data elements are not encrypted:

(1) Social security number.

(2) Driver’s license number or California Identification Card number.

(3) Account number, credit or debit card number, in combination with any required security code, access code, or password that would permit access to an individual’s financial account.

(4) Medical information.

(5) Health insurance information.
None of those five data elements are being distributed. Also, this is from the DMV website. If you're going to get all lawyery, read the laws.


Comment below rating threshold, click here to show it.

Cynicatt

This user has referred a friend to League of Legends, click for more information

Senior Member

08-20-2013

Quote:
Originally Posted by proximuhtyZ View Post
Just a quick question. How come when I try to change my password it asks me to open or save a file name "json"
o.o