- Everyone in GoFundMe scam involving homeless veteran has now pleaded guilty 6 Years Ago
- Boy invites kindergarten class to his adoption–and people are emotional 6 Years Ago
- Reddit links leaked trade deal documents to Russian campaign Today 10:44 AM
- How to stream Alistair Overeem vs. Jairzinho Rozenstruik Today 8:30 AM
- Amazon sends customers condoms and soap instead of Nintendo Switch Today 8:28 AM
- How to live stream Jermall Charlo vs. Dennis Hogan Today 8:00 AM
- Apple TV’s ‘Truth Be Told’ is a criminally dull drama Today 6:00 AM
- Thousands of Uber users have reported sexual assaults, company says Friday 5:40 PM
- ‘Astronomy Club’ reformats the sketch show Friday 4:58 PM
- Trump is concerned America’s toilets too weak Friday 3:53 PM
- Twitter users claim Billie Eilish is ‘over’ because she didn’t like Lady Gaga’s meat dress Friday 2:53 PM
- Nikki Haley says the Confederate flag was fine until Dylann Roof ‘hijacked’ it Friday 2:49 PM
- How emotional labor discourse spawned multiple memes Friday 2:22 PM
- Video of YouTuber Onision threatening ex-girlfriend resurfaces Friday 2:03 PM
- Marianne Williamson embraces anti-vax stance on Facebook Friday 1:58 PM
Hackers breach ‘League of Legends,’ access 120,000 credit card numbers
The world’s “most played video game” gets gamed.
The developer behind League of Legends, the most popular video game on the planet, announced yesterday that about 120,000 player credit card numbers may have been stolen as just part of an unprecedented hack of its servers.
Riot Games detailed the full extent of the attack in a blog post:
What we know: usernames, email addresses, salted password hashes, and some first and last names were accessed. This means that the password files are unreadable, but players with easily guessable passwords are vulnerable to account theft.
The developer expressed hope that the impact of that last number would be limited, as they have not collected “this type of payment card information” in their systems since 2011.
Passwords are vulnerable, despite being salted—meaning they’re attached to random strings of data that make it more difficult for hackers to run their usual tricks when trying to decrypt them.
“The password files are unreadable,” Riot Games explained, “but players with easily guessable passwords are vulnerable to account theft.”
For a serious gamer, this can be as bad as hearing that your financial info was swiped, and potentially more devastating on the emotional level. Not every hacker is after money, after all: last October, someone unleashed a bug in World of Warcraft that killed off thousands of characters.
So what exploit did the League of Legends gatecrashers have in mind? An actual heist, or malicious mischief? Either way, Riot Games is taking steps to beef up security, including the implementation of two-factor authentication. But over at CNET, commenters are unimpressed.
“Implementing 2-factor after the fact will be a disaster,” wrote vorthex_. “Bad guy will crack the passwords, log in, change the email address and activate 2-factor on accounts who didn’t change their password, put in the number of a throw away phone, thus locking out the original owner for good.”
“Do all of these extra security measures even matter when the hackers are using modern day database extraction tools to get our data,” asked blazer412.
The hackers at large could probably answer that question, but don’t expect them to. They’re busy working on the next big thing.
Miles Klee is a novelist and web culture reporter. The former editor of the Daily Dot’s Unclick section, Klee’s essays, satire, and fiction have appeared in Lapham’s Quarterly, Vanity Fair, 3:AM, Salon, the Awl, the New York Observer, the Millions, and the Village Voice. He's the author of two odd books of fiction, 'Ivyland' and 'True False.'