7.6 Million 'Town of Salem' Players Scramble to Protect Themselves After a Major Data Breach
While some of us had only just begun to wonder what 2019 had in store, Town of Salem players faced the harsh reality of a data breach. Around 7.6 million accounts were compromised when hackers breached the game’s servers and stole its users’ information, including email addresses, passwords, and so on. The worst part is that the incident took place between the holidays, when BlankMediaGames, the game's developer, was on vacation. As a result, DeHashed, the company which was informed of the breach first by an anonymous person, could not contact them. This is why the first statement notifying Town of Salem users showed up only five days after the incident, on 2 January. The report claims that the stolen passwords were hashed, and not in plain text. However, the next announcement from the developers explained that the hash in use is considered weak, so it is quite likely that the passwords can be easily cracked. Thus, further in the article, we will explain how to secure accounts after a data breach, as well as give you more critical details about the incident.
What is the Town of Salem?
It is a browser-based role-playing game described as “a game of murder, deception, lying, and mob hysteria.” Each player gets sorted into one of the following groups and has to play according to the role: town, mafia, serial killers, arsonists, and neutrals. The goal is either to find the bad guys before they kill you, or to kill the good guys, depending on the role you get. Naturally, to succeed one needs to be good both at telling lies and at detecting when someone else is lying, as no one knows who is who. The game is free to play, although there are things users can purchase if they want to. Because of the data breach, users who had bought anything in the game began to fear that hackers may have obtained their credit card details. Nonetheless, the developers claim they do not handle transactions and payment data, which means it was not on their servers during the breach.
What exactly happened?
DeHashed received an anonymous email saying that the servers of the popular role-playing game Town of Salem had experienced a data breach. Along with the message, the company received proof of the incident, as well as a whole database of compromised data. The specialists tried to contact BlankMediaGames in vain, as the developers did not respond to any of their calls or emails for five days. According to DeHashed specialists, the hackers exploited vulnerabilities known as Remote File Inclusion (RFI) and Local File Inclusion (LFI). Because of them, the cybercriminals were able to upload malicious files onto the Town of Salem servers and create several backdoors. With the help of other specialists, BlankMediaGames managed to clean its servers and began looking for ways to protect them, as well as for a more secure hashing algorithm to better protect its users' passwords in the future.
What information got compromised?
During this data breach, hackers managed to obtain sensitive user information from around 8.4 million accounts. Nonetheless, some of them belonged to the same users, which is why it is said that cybercriminals obtained information of 7.6 million unique players. At first, there were debates about whether the hackers got their hands on users’ credit card details, but as we said earlier, the company explained they do not store such data on their servers.
The information that got compromised includes players’ usernames, hashed passwords, IP addresses, email addresses, and game/forum activity details. If the hashing algorithm in use (MD5) were strong, users would have little or nothing to fear. Unfortunately, MD5 is considered cryptographically broken and vulnerable by cybersecurity experts. In the second announcement made by BlankMediaGames representatives, it was admitted that the team had seen passwords with a length of 10 characters being cracked. Consequently, the game’s creators strongly recommend changing passwords not only for Town of Salem accounts but also for all other accounts where the same passcode was reused.
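For readers who run a service that still stores MD5 password hashes, here is one way to move to a stronger scheme. It is an example added to this article, not code from BlankMediaGames or DeHashed. It assumes the old records hold an unsalted hex MD5 digest (the announcements quoted above do not say how MD5 was applied), and the function names, record layout, and iteration count are illustrative.

```python
import hashlib
import hmac
import os

ITERATIONS = 600_000  # assumed PBKDF2-HMAC-SHA256 work factor; tune for your hardware

def legacy_md5(password: str) -> str:
    """The weak legacy format assumed here: unsalted hex MD5 of the password."""
    return hashlib.md5(password.encode()).hexdigest()

def _stretch(secret: str, salt: bytes) -> str:
    return hashlib.pbkdf2_hmac("sha256", secret.encode(), salt, ITERATIONS).hex()

def _record(scheme: str, secret: str) -> dict:
    salt = os.urandom(16)  # per-user salt: equal passwords no longer share a hash
    return {"scheme": scheme, "salt": salt.hex(), "hash": _stretch(secret, salt)}

def wrap_legacy(md5_hex: str) -> dict:
    """Re-protect a stored MD5 digest immediately, without knowing the password."""
    return _record("pbkdf2(md5)", md5_hex)

def verify_and_upgrade(record: dict, password: str):
    """Check a login; on success, replace a wrapped record with a direct PBKDF2 one."""
    if record["scheme"] == "pbkdf2(md5)":
        secret = legacy_md5(password)
    elif record["scheme"] == "pbkdf2":
        secret = password
    else:
        raise ValueError("unknown scheme: " + record["scheme"])
    expected = _stretch(secret, bytes.fromhex(record["salt"]))
    ok = hmac.compare_digest(expected, record["hash"])  # constant-time comparison
    if ok and record["scheme"] == "pbkdf2(md5)":
        record = _record("pbkdf2", password)
    return ok, record

if __name__ == "__main__":
    # Constructed sample data: two users who chose the same password.
    pw = "constructed-sample-pw"
    print("legacy rows identical:", legacy_md5(pw) == legacy_md5(pw))
    row_a, row_b = wrap_legacy(legacy_md5(pw)), wrap_legacy(legacy_md5(pw))
    print("wrapped rows identical:", row_a["hash"] == row_b["hash"])
    ok, row_a = verify_and_upgrade(row_a, pw)
    print("login ok:", ok, "| scheme now:", row_a["scheme"])
```

Wrapping protects the stored table going forward, but MD5 digests that were already stolen can still be cracked offline, so affected users need new passwords, as the developers recommend.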
How to secure accounts after a data breach?
No doubt, being affected by a data breach is a scary experience for anyone who values their privacy. Naturally, many victims search for an answer to the question of what needs to be done to secure accounts after a data breach. The company that allowed the incident to happen may urge you to replace the compromised password, but what they might fail to tell you is that it is vital to ensure the new passcode is strong enough. In case the hackers obtain both your password and username, they can try to crack your new passcode too. Therefore, you have to make sure the combination is as complex as possible. Of course, coming up with a password that is both long and strong might be a difficult task for some users. Not to mention, you also have to be able to memorize it.
Fortunately, there is software that can do both of these tasks for you. As you may have guessed, we are talking about password managers. For instance, the Cyclonis Password Manager we offer is free and yet provides a lot of advanced functions. With it, you can choose whether to store passwords on a chosen device or in cloud storage, where they will be kept safe in an encrypted vault. The tool's browser extension allows saving new login credentials and replacing old ones without a fuss. Also, if you choose to, you can let it log you in to your accounts automatically, as well as fill in fields requiring identification, payment, or other information. Most importantly, with Cyclonis, you can generate random complex passcodes from chosen characters and length. The integrated complexity bar and features like Total Strength Score let you know when the combination is not strong enough and ought to be replaced.
It might be impossible to avoid being affected by a data breach, but there are things you can do to prevent further damage, or in other words, lessen the consequences. Sad as it is, at the end of the day, it is only up to you to keep your information safe, so it is essential to react fast or, better yet, be already prepared for such incidents. If you wonder what else you could do, we recommend reading our previous blog post. In it, we discuss not only last year’s biggest data breaches, but also what extra precautions you should take to maximize your accounts’ security.