This recent massive data breach impacts 7.6 million players in this popular online role-playing game called Town of Salem.
BMG Confirms Data Breach
The game owner of Town of Salem, BlankMediaGames (BMG), confirmed last Wednesday that a data breach occurred. There are more than 8 million players in this browser-based game that enables gamers (7 to 15 users) to play a version of the famous secret role game Town, Mafia, or Neutrals.
The data breach was discovered on December 28th, 2018. A copy of the compromised Town of Salem database was anonymously sent to a hacked database search engine, DeHashed.
Evidence was found of the server compromise and access to their entire gamer database of 7,633,234 user data.
The compromised data consisted of:
- Email addresses
- Hashed passwords
- IP addresses
- Game and forum activity
- Some payment information (including full names, billing and shipping addresses, IP information and payment amount).
DeHashed also stated that “some of the users who paid for certain premium features having their billing information/data breached as well,” though BMG confirmed that no credit-card numbers were exposed in the breach.
Addressing the Security Incident
The attacker used a backdoor into their server, therefore, Town of Salem developers removed all the malicious PHP files from their server. They also are contacting security auditing firms and may reinstall all “servers from scratch just to be 100% sure.”
Change Your Password
BMG recommends all gamers to change their passwords immediately since MD5 hashed passwords are known to be susceptible to brute force attacks. If your information was compromised in this breach, you will receive an email with details of BMG’s actions against this attack as well as to change their password as soon as possible.
Original Article Found Here.