Content

Town of Salem breach affects 7 million accounts

The Town of Salem (video game) was hit with a massive data breach last week that exposed the information on more than 7 million users.

The breach was discovered by the cybersecurity research Dehashed on December 28 when he received an anonymous email that indicated someone had gained access to the game’s database. Town of Salem is a role-playing game operated by BlankMediaGames.

Dehashed reported the compromised data includes usernames, emails, passwords (phpass, MD5(WordPress), MD5(phpBB3)), IP addresses, game and forum activity, and some payment card information for those members who have paid for the games premium services.

The company has posted a response saying it is investigating the problem, has put out a patch to block access and is recommending all users change their passwords.

“We don't store any credit card or payment info. At all. All passwords were hashed and not plain text. This means they do not know what your password is unless they run a program to attempt to guess it against the hashed password. Any reasonably strong password will take a very long time to be guessed,” BlankGamingMedia wrote, adding most of the user data it stores is game related.

Dehashed believes access was gained using an LFI/RFI attack, which is similar to a cross-site scripting attack.

SC Media has reached out to BlankGamingMedia for a comment.

Related

DevSecOps Scanning Challenges & Tips

There are many ways to do DevSecOps, and each organization — each security team, even — uses a different approach. Questions such as how many environments you have and the frequency of deployment of those environments are important in understanding how to integrate a security scanner into your DevSecOps machinery. The ultimate goal is speed […]

It Should Be ‘Cybersecurity Culture Month’

It’s Cybersecurity Awareness Month, but security awareness is about much more than just dedicating a month to a few activities. Security awareness is a journey, requiring motivation along the way. And culture. Especially culture.That’s the point Proofpoint Cybersecurity Evangelist Brian Reed drove home in a recent appearance on Business Security Weekly.“If your security awareness program […]

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms of Use and Privacy Policy.

You can skip this ad in 5 seconds