League of Legends Transactions Database Breached, 120,000 Records Affected

The game's acronym may inspire laughter, but a recent hacking targeting it is as serious as a heart-attack (alright, maybe not that serious). Riot Games, LoL's developer, posted on its website this week that 120,000 transaction records from 2011 have been exposed (to someone, or some group), although thanks to the fact that credit card numbers were both hashed and salted, the actual risk of someone being able to take advantage of your financial data is extremely low.

However, the fact that that many transactions have been affected is a bit alarming. In addition to these hashed credit card numbers, email addresses, usernames, real names and hashed passwords have also been exposed. For what it's worth, Riot Games has said that this particular payment system has not been in use since July 2011, so anyone who's made a payment after that date have nothing to worry about.

While a breach like this is hardly ideal for the users affected, I have to give major props to Riot Games for making sure that the truly sensitive information (credit cards) were hashed and salted. This hiccup would have been a full-blown disaster if not for that.

Next time you log into your LoL account, you'll be asked to reset your password. The devs note that two-factor authentication is in the works for increased account security (admittedly something that would have made no difference here), along with email verification.

Tags:  security, Hacking, MOBA
Post a Comment
or Register to comment