Hacker Steals 1.6 Million Accounts From Top Mobile Game's Forum

Zack Whittaker, reporting for ZDNet: A hacker has targeted the official forum of popular mobile game "Clash of Kings," making off with close to 1.6 million accounts. The hack was carried out on July 14 by a hacker, who wants to remain nameless, and a copy of the leaked database was provided to breach notification site LeakedSource.com, which allows users to search their usernames and email addresses in a wealth of stolen and hacked data. In a sample given to ZDNet, the database contains (among other things) usernames, email addresses, IP addresses (which can often determine the user's location), device identifiers, as well as Facebook data and access tokens (if the user signed in with their social account). Passwords stored in the database are hashed and salted. LeakedSource has now added the total 1,597,717 stolen records to its systems.

Re:Hypocrisy at its best

[mrbester]

iplocation.net gives me four locations for my IP. None of them are correct and the nearest one is 3 miles away from me.

Re:Hypocrisy at its best

[blueshift_1]

I would say the IP address along with the other information provided (Since usernames, emails, and passwords can contain very important information like DOB, Nickname, and name) helps you narrow down to a specific person. Just an IP cannot really tell you a user, but an IP with other information can.

Re:All this collecting and hacking

[Frosty+Piss]

What's a person gonna do with a million of data records - maybe sell it or is it just a proof of "concept"?

Very often people reuse the same passwords and user names over a swath of accounts. Not always, but often enough that knowing a gaming account that should be "throw away" or at least not the same as your Amazon or Banking account... can get a fraudster in the door and clean you out.