Square Enix stated yesterday that somebody "may have gained unauthorized access to a particular Square Enix server" and took its members service offline in both Japan and the U.S. Today, the company clarified that 1.8 million customer's accounts had been affected.
The company said it noticed that unknown parties had accessed the server for its free "Square Enix Members" site on Tuesday afternoon, and decided to shut down the service the same day. Users register on the server with their email addresses and sometimes their names, addresses and phone numbers, but the server holds no credit card information, a spokesman said.
The intruder breached an unknown number of servers that could hold data for the service's one million members in Japan and 800,000 members in North America, but left untouched the servers with its 300,000 European members. In May, Square Enix said it suffered hacking attacks into the web site of a Canadian subsidiary and two product sites. It said 350 applicants' resumes and up to 25,000 email addresses were stolen in that attack.