Roll20 Hacked, Customer Information Possibly Exposed

A third party may have accessed customer names, emails, IP addresses, and last 4 digits of CC#s

roll-20_feature.jpg

In an email sent to customers, Roll20 announced that an administrative account had been compromised for approximately one hour on June 29, 2024. The access was blocked within one hour of the intrusion being discovered and an investigation began into the breach. From the email:

On June 29, 2024, at 6:30 P.M. Pacific Time, Roll20 learned that an administrative account was compromised. By 7:30 P.M. Pacific Time, we acted to ensure that all unauthorized access was blocked, and we began the process of investigating the incident to determine the scope.

Following our investigation, we learned that the unauthorized third-party had access to administrative tools, which may have resulted in the exposure of personal information, such as your: first and last name, email address, last known IP address, and the last 4 digits of your credit card (solely if you had a stored payment with us).

Notably, the compromised administrative tooling did not expose your password or your full payment information, such as your address or credit card number.

While we have no reason to believe that your personal information has been misused, we are notifying you out of an abundance of caution.
Click to expand...

The email states that customers with questions or who would like a copy of the account data the third party mage have access to create a support ticket with the subject line "Incident Data Request" on http://help.roll20.net. A link was also provided to the United States Federal Trade Commission website on online security for consumers. A FAQ has also been posted to the Roll20 website.
 
Click to expand...

log in or register to remove this ad

Darryl Mott
Abstruse

Darryl Mott

Darryl Mott is a tabletop gaming and media journalist with bylines from outlets including Ain't It Cool News, EN World, and Zombie Orpheus Entertainment. He also makes videos for YouTube and does live streams on Twitch as well as doing post-production and editing for the Morrus' Unofficial Tabletop RPG Talk podcast.


D

Daraniya

Explorer
Change your passwords even if they did explicitly suggest that 'no passwords' were compromised... I've seen too many PR releases where they 'care about your privacy and security' and "no customer data or passwords were leaked".

a week later "we've been made aware that we were completely owned up left, right, and center and have initiated a complete password reset for all customers 'out of an abundance of caution'. Also, we have no clue how they are storing credit card and passwords, so anyone who's saved your CC info in your account should keep a look out for the near term. (and maybe remove it because it's 'convenient' to store your CC info in their database)

was interesting to have my work invade my side-side projects, but here we are...
 

Similar Threads

Abstruse
Freebies, Sales, and Charity Bundles for June 23, 2024
Replies
0
Views
5K
Abstruse
Abstruse
Abstruse
Freebies, Sales, and Charity Bundles for June 2, 2024
Replies
1
Views
4K
Juxtapozbliss
Juxtapozbliss
Abstruse
Freebies, Sales, and Charity Bundles for May 26, 2024
Replies
2
Views
5K
aramis erak
aramis erak
Abstruse
Freebies, Sales, and Charity Bundles for June 30, 2024
Replies
0
Views
4K
Abstruse
Abstruse
Abstruse
Freebies, Sales, and Charity Bundles for June 16, 2024
Replies
2
Views
5K
Konrad13
Konrad13

Voidrunner's Codex

Related Articles

Remove ads

Voidrunner's Codex

Remove ads

Top