Yesterday, we found out some users were able to view Bethesda support tickets containing various forms of information. Tickets that contain contact information, but what seems to be no complete credit card information or passwords.
Today, Bethesda has issued this follow up statement and offered up some additional details. From their internal investigation, they say less than 123 tickets were viewable with a little over half of them or less containing personal data.
We'll have to see if Bethesda will do anything for those that had their data exposed. In these situations, the company usually forks over for a year of credit monitoring. For now, the news seems to be better than initially thought, but still this shouldn't have ever happened in such a way where some customers were able to view other people's information. Below is the statement issued by Bethesda today.
"As previously reported, on December 5, 2018, we experienced an error with our Customer Support website that resulted in the exposure of a limited number of customer support tickets. Upon discovery, we immediately took down the Customer Support website, remediated the error and restored the Customer Support website. We have conducted further investigation and analysis of this incident and would like to provide our Bethesda community with an update.
From our investigation, we have learned that, on December 5, 2018, there was a brief period of time during which customers accessing our Customer Support website may have been able to view the customer support tickets submitted by other customers during this same time period. Based on our current investigation, we believe this exposure window lasted approximately 45 minutes.
During this exposure window, fewer than 123 customer support tickets were submitted and may have been partially or fully viewed by others accessing the Customer Support website. Of those 123 tickets, it appears that no more than 65 customer support tickets contained personal data that may have been exposed.
Upon review of the exposed customer support tickets, we have confirmed that no user account passwords or full credit card numbers were included. The personal data exposed within the customer support tickets included:name, user name and contact information (e.g., email, address and phone number), if submitted by a customer as part of a customer support ticket
proof of purchase information provided by a limited number of customers, related to game purchases from third party retailers
We are in the process of contacting customers who may have been impacted.
We greatly value and appreciate our Bethesda community. Again, we sincerely apologize for this situation."