As a result of data leakage from Roblox, 4,000 developers profiles were open to open access

A large leakage of data took place on a large Roblox gaming platform, as a result of which personal data were published, including addresses of Roblox developers conference from 2017 to 2020. The leak affected about 4 thousand. Man and included their names, phones, email addresses, date of birth and size of t -shirts. Such information can be used by attackers to steal personality and other types of fraud. This raises serious questions about how reliably the data of one of the largest game platforms are protected.

“Roblox is aware of the security problem that arose as a result of the actions of third parties who indicate unauthorized access to the limited personal information of some members of our community of the creators,” said Roblox representative by e -mail. “We attracted independent experts to help in the investigation that our information security team conducts. We will send an email to those who suffered from this, with information about what we will do to support them. We continue to carefully monitor the state of cybersecurity Roblox and our external suppliers ”.

It does not seem that Roblox showed special vigilance here. The Haveibeenpwned website reports that the initial hacking date is December 18, 2020., And the information became available on July 18, 2023., In total, 3943 accounts were compromised. The site notes that in addition to the mentioned information, the leak contains even the size of the T -shirt of each person.

The consequences of this for the victims are the theft of personal data and fraud, and the amount of data causes a special alarm: this is almost all that is needed to effectively pass himself for another person. In addition to this statement, Roblox did not give any additional explanations, and probably the investigation of this will continue for some more time, especially if someone from this list has really suffered. Everyone who affected this should be verified the information on the Haveibeenpwned website and include two -factor authentication on all your accounts (as well as in the near future to closely carefully monitor your banking operations).

Troy Hunt, who created the Haveibeenpwned website, said that the leak was published in 2021, but according to an anonymous source, it did not go beyond the narrow circles of the Roblox community, and the company did not make it public and did not notify everyone victims. Then the leak appeared on one of the public forums a few days ago.

“Now Roblox has contacted all the victims,” the company sent to Hunt said. “The minimum injured users simply got an apology. For more seriously injured users, they provided an annual protection of personal data, and for everyone else, an apology.”