The popular online tabletop and role-playing game platform Roll20 announced on Wednesday that it had suffered a data breach, which exposed some users’ personal information.
In a post published on its official website, Roll20 said that on June 29 it had detected that a “bad actor” gained access to an account on the company’s administrative website for one hour, after which the company “blocked all unauthorized access and ended the network breach.”
“The bad actor modified one user account, and we promptly reversed those modifications. During this time, the bad actor was able to access and view all user accounts,” the company wrote.
The hacker, according to Roll20, “may have been able to view” users’ personal information, including full name, email address, last-known IP address, and the last four digits of their credit card, if the user had stored a payment method on their account. The company added that the hacker did not have access to passwords or full payment information like home addresses and full credit card numbers…
from TechCrunch – https://trl.ca/344