In a post on their website, Riot Games has confirmed that “a portion of their North American account information was recently compromised”. They have stated that “usernames, email addresses, salted password hashes, and some first and last names were accessed. This means that the password files are unreadable, but players with easily guessable passwords are vulnerable to account theft.” Further to this Riot Games say they are investigating whether “120,000 transaction records from 2011 that contained hashed and salted credit card numbers” were stolen. The process of salting data is advised when storing personal and private data. Simply put, “salting” is simply adding a random string of number in front of a persons password before scrambling it with a standardized algorithm. This means that two users who both had the password of “Password123” would be uniquely scrambled so unique and not understandable to the human eye when stored in the database. As the blog post alludes to, even the scrambled version of easy to guess passwords such as “Password123” are much easier to be backwards engineered. It is strongly advised for customers of Riot Games to change their passwords as they are at a significantly higher risk of future account takeover attempts on other website that they use.
https://nudatasecurity.com/wp-content/uploads/2013/08/riot_games.jpg 1492 1896 NuData https://nudatasecurity.com/wp-content/uploads/2017/12/Nudata_logo-300x112.png NuData2013-08-21 17:00:592018-07-09 14:51:12Riot Games, Maker of League of Legends Confirms Hacking