Recent predictions about the massive growth of ransomware attacks seem to be materializing, with another major breach. This one, on Dec. 27, led to the compromise of some 1.5 million user records, according to LeakedSource.
E-Sports Network ESEA, a platform for video game tournaments, did not detect the hack, but was informed by hackers who asked for $100,000 to not leak or sell the data on the black market. The company exchanged emails with the hackers, asked the FBI for help and started informing customers about the hack.
“We do not give in to ransom demands and paying any amount of money would not have provided any guarantees to our users as to what would happen with their stolen data,” ESEA said.
After ESEA refused to pay ransom, the hackers published sensitive data about account owners, including emails, private messages and phone numbers.
“We are still investigating but believe that a large portion of the ESEA community members’ information including usernames, emails, private messages, IPs, mobile phone numbers (for SMS messages), forum posts, hashed passwords, and hashed secret question answers could all have been exposed,” reads the company website.
ESEA is looking into implementing more robust security. In the meantime, customers are advised to immediately change their passwords, security questions and answers. If these were reused for other accounts, users are also advised to review all activity and report any suspicious actions.