Call Now 888.400.5530

ITRC-logo-color-final
Search
Close this search box.

Stalker Data Breach Leads to Sale of Users’ Credentials

Date: 06/26/2020

Gaming companies can be a common target for hackers. The recent Stalker (S.T.A.L.K.E.R. (Scavengers, Trespassers, Adventurers, Loners, Killers, Explorers and Robbers)) data breach is a prime example. Online video games are big business for companies that develop action-packed, web-based games. These companies make money through initial game subscriptions, advertising within the game, data harvesting of the users’ information and microtransactions for tools and extras used in the games, although many of them allow users to play for free. Since a single popular game title can have millions of users, they can become a target for hackers who make money from having access to data.

Stalker Online, an MMO (massively multi-player online) game that lets users all over the world play the role-playing game, recently suffered an attack on its server owned by BigWorld Technology. The usernames and passwords, email addresses, phone numbers and IP addresses for more than 1.3 million players were compromised in the Stalker data breach since the data was stored in a relatively low-level security MD5 algorithm. Once the attack occurred, some sources believe the for-hire hacker Instakilla then managed to extract all of the data and post it for sale on the Dark Web.

While financial information and sensitive data like Social Security numbers were not accessed in the data breach, there is still a lot of harm that hackers and purchasers can cause with the Stalker data. Apart from phishing attacks and ransomware that can occur via email, if any of the Stalker players reused these login credentials on other accounts, then anyone who has access to the stolen data can also access the accounts. Credential stuffing can lead to account takeover or fraud.

Anyone who believes they might be a victim of the Stalker data breach should immediately change the password on their account, as well as the password of any other accounts that have the same password. Users are also encouraged to switch to using a nine to ten character passphrase instead of a more basic password since it is easier to remember and harder for hackers to guess. It is also a good idea to enable two-factor authentication where applicable for an extra layer of protection.

Victims of the Stalker data breach can live-chat with an Identity Theft Resource Center expert advisor or call toll-free at 888.400.5530. 

You might also like…

Identity Theft Resource Center Announces Change to Board of Directors

Google Alert Scam Sends Fake Data Breach Notifications Embedded With Malware

Hackers Take Advantage of COVID-19 Closures to Launch Claire’s Data Breach

How much information are you putting out there? It’s probably too much. To help you stop sharing Too Much Information, sign up for the In the Loop.

notified-ad.png

Get ID Theft News

Stay informed with alerts, newsletters, and notifications from the Identity Theft Resource Center

notified-ad.png
© Copyright 2024- Identity Theft Resource Center

This product was produced by the ITRC under 2018-V3-GX-K007, awarded by the Office for Victims of Crime, Office of Justice Programs, U.S. Department of Justice. The opinions, findings, and conclusions or recommendations expressed in product are those of the contributors and do not necessarily represent the official position or policies of the U.S. Department of Justice. View more about our copyright info here.