You need to re-register at turfgame.com

We are deeply sad and disappointed by the way Turf has been breached. It is not the breach itself, but rather the way the intruders have tried to release data instead of contacting us and helping us get the holes patched up.

In Short: 1. User data has been compromised 2. The security flaw has been fixed 3. Users will need to acquire a new password for turfgame.com

1. Our database has been compromised by evildoers and user data has been released. The personal data that we store are email addresses and passwords. All email addresses are lost to the hackers. This means you may or may not get “spam mail” from them in some way. Passwords are NOT lost in the same way. We only store encrypted passwords, which means we do not store what passwords you use, we only know a hash value that can be matched to your password when you use it. This means that the hackers need to try every letter combination they know until they find yours(“brute forcing”). This is similar to try to login to any account you have by just guessing.

2. The security flaw that the hackers exploited has been patched up. Just as in any service, there are holes in security over time. However we will unfortunately need to put more of our spare-time into being on top of upcoming security flaws instead of developing the game. This is a sad but unavoidable future from now.

3. In order to implement new security measures, every user who use the login at Turfgame.com need to press register on the main page in order to get a new password. This new password will be handled in another way than before.

We are truly sorry that this has happened and we take full responsibility for allowing to make such an intrusion into our beloved game. However it has already happened and we are now trying to make the best of the situation. We also hope that the hackers can grasp the fact that we make this entire game work on our spare time without getting paid. This intrusion has put Turf to test, a test that Turf did not need right now:(