League of Legends got backdoored. Riot Games sent out an update to North American players today warning that the online game's account information including encrypted credit card numbers and passwords may have been illegally accessed.
About 120,000 transaction records from 2011 containing hashed and salted credit card information were compromised. Your info is only at risk if you made purchases through the system before July of that year, though it should be difficult if not impossible to decrypt. Riot said it plans to notify affected players by email and take appropriate action to safeguard them.
Aside from the older system, current account information including usernames, email addresses, encrypted passwords, and even some first and last names were accessed. Players with easy-to-guess passwords (that's you, passw0rd and abcd1234) are still vulnerable to brute-force guesses. With that in mind, all North American players must reset their passwords within the next 24 hours.
Riot said it is working on email verification and two-factor authentication, both industry standard security features, for future implementation.
15 days after Wii U servers were supposed to be shut down, the last surviving Splatoon player is still hanging on as the servers crumble around them
Al Pacino and The Guest star to play priests in a new exorcism horror movie based on a true story
Stellar Blade director "grew up too poor to afford" a PS1, but when he finally got one in college, Ridge Racer and Final Fantasy inspired him to make games
