A gaming giant raking in billions annually is only now recruiting cybersecurity red team experts? Recently, miHoYo posted a job listing seeking professionals with red team offensive security experience. In infosec lingo, the "red team" plays the attacker while the "blue team" defends — hiring red teamers signals that miHoYo wants to stress-test its defenses from a hacker's perspective.
The post immediately blew up on NGA. The OP quipped: "Guess the massive Fontaine leak finally scared them into action," accompanied by a diagram illustrating red vs. blue team dynamics in cybersecurity.
The top-voted reply cut straight to the bone: "Isn't it kind of embarrassing that a company THIS big is only hiring for this now?" Fair point — miHoYo runs global mega-hits like Genshin Impact and Honkai: Star Rail, managing an enormous volume of user data, yet has repeatedly been called out for lax security practices.
One commenter dropped an alleged bombshell: miHoYo's internal passwords were supposedly set to something as laughably simple as "miHoYo@123" (unverified, of course). Another player noted that during the Fontaine leak, the hackers openly mocked miHoYo's security setup as practically nonexistent. Whether the password rumor is true or not, it perfectly captures the community's perception of miHoYo's security posture — careless at best, negligent at worst.
Long-time players also dug up older incidents. One claimed that miHoYo brought in a former national security agent for training back in version 2.0, yet by version 4.0 nothing had visibly improved — fueling speculation about deeper internal dysfunction. Another commenter floated the theory that the infamous v3.2 content leak, long attributed to insider moles (内鬼, "inside ghosts" — the Chinese gaming community's term for leakers), might actually have been an external hack all along.
Not everyone was piling on, though. Some pointed out that hiring is just normal business — people leave, companies backfill. Industry veterans also noted that most smaller studios outsource security to third-party firms, so miHoYo building its own red team could actually be a sign they're taking things seriously.
Still, the overall sentiment is skepticism. When a company sitting on mountains of player data and precious IP assets is this late to the cybersecurity party, trust is hard to come by. Whether these new red team hires can actually plug the leaks — or if it's just a PR band-aid — remains to be seen. The gacha community will be watching.
评论 (0)
暂无评论,来说两句吧! 🍉