Riot Games has put out a security alert after bad, bad people hacked League of Legends and nicked user data.
According to the notice, the EU West, EU Nordic, and East server databases were compromised, with information stolen including e-mail addresses, encrypted account passwords, summoner names, dates of birth, first and last names ,and encrypted security questions and answers. As a result of the breach, Riot is no longer supporting the security question and answer option for account recovery.
The developer has assured users, however, that “absolutely no payment or billing information of any kind” was taken.
Predictably enough, the notice also warns that, on investigation, Riot discovered that “more than half of the passwords were simple enough to be at risk of easy cracking”. Remember kids, “password” is actually quite a common password.
Riot has apparently fixed the exploit used by the hackers, but is requesting that everybody – THAT MEANS YOU!* – change their passwords immediately.
*Assuming you play League of Legends. If not, kindly disregard this message by sending me your bank account information, ID and passport numbers, debit card PIN, and R1,000 cash in unmarked bills.