Data Breach Exposes 1.6 Million Accounts from Clash of Kings Forum
The official forum of Clash of Kings, the popular mobile game, was breached, and the hacker stole nearly 1.6 million accounts. The stolen data included usernames, email addresses, IP addresses, device identifiers, Facebook data and tokens. Fortunately, user passwords were protected, as they were hashed and salted.
On July 14, the attacker exploited a weakness in the forum’s security software to steal the information. The company was using a 2013 version of vBulletin, which is vulnerable to a number of well-documented security flaws.
After stealing the information, the hacker notified LeakedSource, a website which allows users to search for their login credentials to see if they’ve been hacked. A LeakedSource member told ZDNet that the hacker was looking for websites running out-of-date forum software, and Clash of Kings was the largest site listed.
“At this point, any unpatched vBulletin 4 forum with over 100,000 users is probably hacked,” the LeakedSource member told ZDNet.
Clash of Kings is one of the most popular mobile games on the market. There have been over 100 million installs on Android devices alone.
This entry was posted in Credit Card News and tagged data breach , identity theft , mobile games , stolen information , stolen personal information , stolen passwords , LeakedSource , Clash of Kings , Clash of Kings breach , accounts , Clash of Kings forum , digital games , mobile game download , vBulletin
The information contained within this article was accurate as of July 25, 2016. For up-to-date
information on any of the terms, cards or offers mentioned above, visit the issuer's website.