League of Legends developer Riot Games has issued a statement detailing a recent breach of some of the company's servers that resulted in the theft of player information.
The EU West and EU Nordic & East databases were accessed in the intrusion, and Riot says that while no payment or billing info was taken, what was lost were email addresses, the name of a player's character, dates of birth and, in some cases, "first and last name and encrypted security question and answer".
Riot says the "specific security issue" hackers were able to exploit has been fixed and is now notifying all affected. Because as many as half of the passwords stolen were basic enough to be "simple enough to be at risk of easy cracking", they're recommending that everybody change their passwords. And make it a little more complicated this time.
In terms of a response, Riot says it has "hired experts and are working with the relevant authorities to more thoroughly understand causes, culprits and preventative measures to make future breaches less likely."
Riot's Marc Merrill Brandon Beck apologised to players for the breach, saying, "We take your privacy and security seriously, and we're working diligently to improve it for the better."
League of Legends Account Security Alert [League of Legends]