League of Legends hacked.
That’s right, the popular MOBA (Multiplayer Online Battle Arena) game by Riot has been hacked, putting some encrypted credit cards at risk.
These hackers were also able to gain access to various usernames, email addresses, and passwords of users registered on the game. The credit card information is probably what most are more interested in, however, so those worrying may find a bit of comfort in the knowledge that all credit card info seems to be from 2011.
Additionally, we are investigating that approximately 120,000 transaction records from 2011 that contained hashed and salted credit card numbers have been accessed. The payment system involved with these records hasn’t been used since July of 2011, and this type of payment card information hasn’t been collected in any Riot systems since then.
Riot isn’t just sitting back, however. In addition to getting all users to change their passwords, they are planning to move ahead with several other security updates. Said Riot, “Additionally, new security features that are currently in development include:
- Email verification: all new registrations and account changes will need to be associated with a valid email address (we’ll also require all existing players to provide a valid email address).
- Two-factor authentication: changes to account email or password will require verification via email or mobile SMS.”
Will these security features be enough?
Source: Riot Games (via Kotaku)