League of Legends players will want to access and double check their accounts as soon as possible, as Riot Games have just admitted they have just experienced a serious security hack, particularly hitting North American players.
Today’s blog post confirms that information accessed includes usernames, emails, first and last names, salted hashes, and transaction records. They did not gain access to passwords, but players who used passwords that are common or easy to guess could have had their accounts compromised.
Furthermore, the hackers found a way into the transaction records system Riot Games was using up until July 2011, and as much as 120,000 records were accessed. This information includes hashed and salted credit card numbers.
On their end, Riot has promised several security measures, including a password reset in the next 24 hours. Fans who try to login to play will be prompted to reset immediately. Riot has also promised they are emailing players whose transaction records were accessed separately for further advisement. Finally, Riot is working now to include email verification and two-factor authentication into user account security.
Aside from the 120,000 transaction records, Riot was not forthcoming on numbers or dates for the hack. While security breaches are now expected in this increasingly connected world, companies need to be transparent and provide complete information. In this case, consumer safety and security are more important than League of Legends’ reputation.
If you yourself are a League of Legends player, you can click here now to get your account reset.
Source: League of Legends
