R2Games company breached for the second time in two years, over one million accounts compromised
26.4.2017 securityaffairs CyberCrime
R2Games compromised for the second time in a few years, more than one million accounts of U.S., France, German, and Russian forums compromised.
Once again, the hackers target a gaming firm, the online gaming company Reality Squared Games (R2Games) has been breached for the second time in just two years. The news was reported by the data breach notification service LeakBase who reported that a hacker confirmed that the security breached happened earlier this month.The company developed many games on both iOS and Android operating systems, it currently has 19 online games in its portfolio and claims over 52 million players.R2GAMES data breach
The first incident occurred in December 2015 and went on until July 2016, more than 22 million R2Games accounts were compromised. Hacker accessed usernames, hashed passwords, IP addresses, and email addresses.
This time, the hacker claimed all forums managed by R2Games have been hacked, such as the Russian version of r2games.com.
Data belongs to forums operated by in company in various countries, including U.S., France, German, and Russia. Experts noticed that all the hacked platforms running of the vBulletin CMS whom older version are affected by well-known flaws.
Data compromised in the last breach includes user credentials, email addresses, IP addresses, and other optional attributes, such as instant messenger IDs, birthday, and Facebook related details (ID, name, access token).
Hunt identified 1,023,466 unique email addresses, 482,074 were also included in data dumps from other breaches.
The dump includes 5,191,898 unique email addresses, 3,379,071 of them related to mail.ar.r2games.com or mail.r2games.com, remaining 789,361 addresses looked like automatically generated (number]@vk.com addresses).
“When asked about the passwords, Hunt told Salted Hash many of them are MD5 with no salt, but a large number of them have a hash corresponding to the password “admin” and a few hundred thousand others are using the plain text word “sync”.” reported Salted Hash.
“The observation I’d make here is that clearly, they don’t seem to be learning from previous failures. The prior incident should really have been a wake-up call and to see a subsequent breach not that long after is worrying. Perhaps the prior denials are evidence that they just don’t see the seriousness in security,” Hunt told Salted Hash.
The gaming did not respond to requests for comment, R2Games player are invited to change passwords on R2Games forums and for any other service that shares the same login credentials.