Bethesda Accidentally Leaked Personal Data of ‘Fallout 76’ Customers Looking for Help

The game publisher accidentally sent support ticket information to customers using its help desk.

|
Dec 6 2018, 5:08pm

Image: Bethesda

Bethesda, the publisher and developer behind Fallout 76 accidentally released the private information of customers it was trying to help by sending that data to other customers.

“@Bethesasupport I am receiving other people’s support tickets on my @bethesda account,” a customer on tweeted Wednesday. “I have numerous other people [sic] receipts for power armor set that includes their email & home address and the type of card used. This is not good, right? #Fallout76.”

She wasn’t the only one. Bethesda customers hit social media and Bethesda’s forums to sound the warning: reach out to Bethesda for support and it might leak your private information, including your receipt, home address, email address, and type of credit card. The stories were all the same—they’d reached out to Bethesda for help with one thing or another and been given access to the help desk’s back end. They were able to update customer support tickets, see information, and close them.

The first official response from the company came from a community manager on Bethesda’s official forum. “Hi guys, we’ve resolved the issue,” they said.

Later, Bethesda Support’s official Twitter account tweeted out a lengthier response to the issue.

“We experienced an error with our customer support website that allowed some customers to view support tickets submitted by a limited number of other customers during a brief exposure window. Upon discovery, we immediately took down the website to fix the error,” Bethesda said.

It went on to say that Bethesda was still investigating the issue and that a limited amount of customer data leaked out including the customer’s name, user name, contact info, and proof of purchase. “But no full credit card numbers or passwords were disclosed,” Bethesda said. “We plan to notify customers who may have been impacted. Bethesda takes the privacy of our customers seriously, and we sincerely apologize for this situation.”

It’s been a banner year for accidental security breaches from major companies. In November, Tesla accidently gave full control over its forums to a random user. The customer could create and delete posts at will and view the contact information for all of the forum’s users. This is a new issue for Bethesda though, which has been weathering a constant storm of controversy since it released Fallout 76 on November 14.

Fans and critics don’t like Fallout 76. It’s so bad that lawyers are preparing a class action lawsuit against Bethesda for false advertising and a failure to issue refunds. It’s way too easy to cheat, and its endgame relies on cryptographic systems the fans mastered in under a month. Bethesda ran a beta for the game before its launch, and a bug deleted the game from PC customer’s hard drives when the beta began. Customers who purchased a $200 “Power Armor” version of the game were promised, among other goodies, a canvas bag. When they opened their boxes they found a cheap nylon alternative. In response, Bethesda gave the customers a small amount of microtransaction credit in Fallout 76’s online store. Fans felt insulted and Bethesda promised to send out replacement bags.

Fallout 76 is Bethesda’s first game to launch on its own digital distribution platform, its first online game developed in-house, and its first major failure. It quickly resolved the support issue, but it’s another crack in the company's once pristine power armor.