One of the most popular online games on the planet has been attacked by hackers. Riot Games, the company behind the huge multiplayer online battle arena game League of Legends, announced today that “a portion” of North American accounts have been compromised.
Hackers were able to access usernames, email addresses, encrypted passwords and some names, Riot said. The hackers also accessed some encrypted credit cards that were used in 2011:
Additionally, we are investigating that approximately 120,000 transaction records from 2011 that contained hashed and salted credit card numbers have been accessed. The payment system involved with these records hasn’t been used since July of 2011, and this type of payment card information hasn’t been collected in any Riot systems since then.
You can change your League of Legends password right here. Riot says they’ll be adding new security features as well:
As a measure to make your accounts safer, within the next 24 hours we’ll require players with accounts in North America to change their passwords to stronger ones that are much harder to guess. At such time, you’ll be automatically prompted to change your password when you attempt to log in to the game. If you’d prefer, please click here to change your password now.
Additionally, new security features that are currently in development include:
- Email verification: all new registrations and account changes will need to be associated with a valid email address (we’ll also require all existing players to provide a valid email address).
- Two-factor authentication: changes to account email or password will require verification via email or mobile SMS.
Other useful info, via our friends at Lifehacker: how to ensure your password is secure, and how to keep track of all those secure passwords.
Comments
5 responses to “League Of Legends Hacked, Some (Encrypted) Credit Cards At Risk”
League of Legends pathetic account security finally catches up to them in other ways. At least this has finally prompted Riot to introduce proper personal account security.
xD i was considering signing up for it to. Not any more…
You can still sign up for it just don’t put proper personal details and don’t use your credit card ya dingus.
Yes but it sounds as if it is (still) lacking in security.
So in other words you really just be trollin =P
what would it matter how secure it is, if you use bogus details, and no credit card?
what if i am using oceanic australia account???Do i have to change my password as well???
I’m rather curious as to what this will mean for Australians who have recently been transferred from NA to the oceanic servers during the free transfers around 4 months ago. Any chance you could make some queries Jason?
Yes. You should.