Over 7.6 million players have been impacted by a massive data breach suffered by the well-known browser-based role-playing game “Town of Salem.” BlankMediaGames, the owner of the game, has confirmed on its online forum that the breach did occur.
A copy of the compromised database from the game was sent to DeHashed after which the breach was disclosed. The compromised data, according to DeHashed, contains game and forum activities of the users, email IDs, IP addresses, passwords from WordPress, phpass, and phpBBstolen, usernames, and payment information.
See: Hacker takeovers Drake’s Fortnite account to yell racial slurs
DeHashed released a disclosure in which it stated: “Some of the users who paid for certain premium features having their billing information/data breached as well.”
However, BlankMediaGames denies this claim from DeHashed. As per the spokesperson from BlankMediaGames they don’t handle money at all.
“We do not handle money. At all. The third party payment processors are the ones that handle all of that. We never see your credit card, payment information, anything like that. We don’t have access to that information.”
Furthermore, the company confirmed that username, IP address, email ID, and hashed password could be exposed but the rest of the information is “just game related data.”
Users are urged to immediately update their passwords for Town of Salem to stay protected. It is worth noting that the passwords were hashed but weak passwords could be easily deciphered by hackers using rainbow tables. If the password is weak and you use it to access multiple services then all of your accounts need to be updated.
The leaked database contained nearly 7,633,234 unique email IDs most of which belong to Gmail, Yahoo, and Hotmail.