Emuparadise data breach exposed account info of 1.1 million gamers

Emuparadise data breach exposed account info of 1.1 million gamers

Data breaches in the UK costing organisations £2.99 million on average

Emuparadise, a website offering popular retro games dating back over twenty years to gaming enthusiasts, suffered a major data breach in April last year that compromised profile information of over a million gamers, breach database "Have I Been Pwned?" has revealed.
The breach, that took place in or around 1st April last year, compromised email addresses, usernames, passwords, and IP addresses that were linked to 1,131,229 user accounts. These details were taken by cyber criminals from Emuparadise vBulletin forums but it is believed that the breach did not compromise payment cards or other financial information of gamers.
"In April 2018, the self-proclaimed "biggest retro gaming website on earth", Emupardise, suffered a data breach. The compromised vBulletin forum exposed 1.1 million email addresses, IP address, usernames and passwords stored as salted MD5 hashes. The data was provided to HIBP by dehashed.com," said Have I Been Pwned? in a notification published last week.
Emuparadise data breach exposed account info of 1.1 million gamers
While it is not known if Emuparadise detected the breach or informed affected gamers, the gaming platform migrated to a fresh Net64+ server a month after the breach took place to allow gamers to play against each other.
However, several gamers recently enquired about the breach incident on the retro gaming platform's public forum as they were unaware of it. Responding to queries regarding whether the breach did take place, Emuparadise confirmed that the breach indeed took place and in response, it forced every user to change their password.
"We didn't announce it publicly but we forced everyone to change their password. And we enforce that measure twice every year. This is old news. Old news as in the owner was aware of it and so were staff. It was reported but not publicly," Emuparadise said.
ALSO READ: Credential-stuffing attack compromises Dunkin' Donuts member accounts

Copyright Lyonsdown Limited 2021

Top Articles

It’s time to upgrade the supply chain attack rule book

How can infosec professionals critically reassess how they detect and quickly prevent inevitable supply chain attacks?

Driving eCommerce growth across Africa

Fraud prevention company Forter has partnered with payments technology provider Flutterwave to drive eCommerce growth across Africa and beyond.

Over 500,000 Huawei phones found infected with Joker malware

The Joker malware infiltrated over 500,000 Huawei phones via ten apps using which the malware communicates with a command and control server.

Related Articles