Data traders are allegedly swapping the details of over one million user accounts belonging to Supercell, the company behind hit mobile games such as Clash of Clans. The user accounts relate to Supercell's community forum.(via Express.co.uk)
“Our preliminary investigation suggests that the breach happened in September 2016 and it has since been fixed,” Supercell told Motherboard in a statement. The company also posted the statement onto the affected forums
, and warned users to change their passwords.
The data, of which Motherboard
obtained a small sample of 100 accounts, includes usernames, email addresses, IP addresses, and hashed passwords. Supercell uses the vBulletin forum software, which sometimes hashes passwords in a way that can be relatively easy for hackers to crack.
Paid breach notification site LeakBase provided Motherboard with the data sample. In all, LeakBase claimed the dataset contained some 1.1 million accounts.
“We take any such breaches very seriously and we follow very strict policies when it comes to security. Please note that this breach only affects our Forum service. Game accounts have not been affected,” Supercell's statement continued.
If you use their community forums, you should have received an email for a password reset already, but If you're worried about the hack, it's worth checking the website haveibeenpwned.