Oh, the woes of modern life. Everyone wanted your personal data for marketing, scamming or worse, identity theft. Today’s news brings us the annoyance of the strong recommendation from another top gaming company that our password should be changed. Riot Games, creator of MOBA trendsetter League of Legends, revealed in the wee hours that it has recently been compromised.
The company has been very transparent about the issue, stating that a portion of its database, including “user names, email addresses, salted password hashes, and some first and last names were accessed.” The password list is unreadable, but given the breach in other information, insecure passwords could be determined.
Furthermore, the company is continuing to investigate some 120,000 transaction records from 2011 that were accessed. That breach included salted passwords as well as salted credit card information. Riot will be contacting the affected players through their registered email address.
North American players will be required to change their password within the next 24 hours and thereafter until a stronger password is selected. Riot Games is in the midst of developing tougher security measures, including the basic email verification and ever-increasing popularity of two-factor authentication. Two-factor authentication is used in everything from World of Warcraft to Steam to Gmail.