Online games community breached using inactive admin account credentials

Online games community Mr. Green Gaming has suffered a data breach in which the details of 27,000 members were leaked online.

The gaming forum was breached on March 1 using the compromised credentials of an inactive administrator account. The forum moderators publicly announced the security incident on Sunday, March 3.

According to a data breach notice published by one of the forum’s moderators, the unauthorized individuals not only vandalized the platform but also got their hands on the personal information of members.

“On the 1st of March 2024 we awoke to find our forums compromised. Essentially, someone discovered the login information for an inactive administrator account. While they had access to this account, they were able to vandalize the website and, more importantly, obtain confidential information,” the notice reads.

Exposed information includes usernames, email addresses, IP addresses at the time of account creation, date of birth and other public info on profiles.

Although the forum administrators believe the perpetrators lacked the means to compromise the login credentials or passwords, members are highly advised to reset passwords on their Mr. Green Gaming account, as well as any other online account that shared the same login information.

“Positively, there is no reason to think that the compromised account could have managed to leak any login credentials or password information,” Mr. Green Gaming staff added. “We store login information according to best practices, which means that all passwords are salted and hashed in case they managed to accomplish this. Despite this, it is our recommendation that you change your password anywhere you may have used it.”

This security incident reminds us of the importance of deleting old or dormant accounts we no longer use to help block potential security risks.

You can accomplish this by reviewing your Inbox, checking social media and Google services or by using a dedicated identity protection service that scours the web for public or leaked information about you.

Bitdefender Digital Identity Protection not only helps you identity and deleted potentially unwanted or unused accounts, but also provides you with real-time alerts whenever your personally identifiable information (PII) was leaked or part of data breach, allowing you to act and protect your identity and finances immediately.