Riot Games

League of Legends suffers security breach

August 20th, 2013

League of Legends players were warned of a security breach, which was expected to result in the theft of some user data. Affected payers were sent notifications depending on how they were affected. This security breach led to the promotion of implementation of some new security features that are now in development.

According to the company, the data breach resulted in compromise of some usernames, email addresses, names and passwords. As the passwords were encrypted, the hacker will not be able to use them to access accounts, but could use the other information stolen to breach accounts.

About 120,000 transaction records dated in 2011 were accessed in this breach. These transaction records contained credit card numbers, and were part of a system that it says has not been used since 2011, when the records were produced.

Players located in North America were only affected in this breach incident, all of whom were asked to change their password within 24 hours and the new ones should be more complex and hard to guess. The requirement will follow an automatic prompt that appears when a player tries to log in, but gamers can get a jump on this by changing the password on their own now.

As a result of this breach, new security measures have spawned, two of which are currently being developed: email verification and two-factor authentication. The email verification will require registration and account changes to be made by verifying a valid email address, while two-factor authentication will need to be verified using a text message or email.

“We’re sincerely sorry about this situation,” Riot Games’ Marc Merrill and Brandon Beck said in a statement. “We apologize for the inconvenience and will continue to focus on account security going forward.”

Get your personal as well as office laptops encrypted by Alertsec

Unencrypted laptops present a major risk of data loss. 80% of information theft is due to lost or stolen laptops and other equipment. About 50% of network intrusions are performed with credentials gathered from lost or stolen devices. The penalties for a data breach are severe not only in terms of the monetary fines imposed on the organization, but also the potential loss of trust from customers and suppliers. Encryption software greatly enhances the security of your organization’s data as the information is not compromised if a laptop is lost or stolen.

Alertsec Xpress is the full disk encryption service that delivers a mobile data protection system for all information stored on laptops used throughout your organization.

Enhanced by Zemanta