ShellCodeX
Tools โ€ข Events โ€ข News โ€ข Insights
ShellCodeX Breach Report

Dota2 Data Breach

dev.dota2.com
Significant exposure
Verified breach Passwords exposed
Accounts exposed 1,907,205
Breach date 10 Jul 2016
Added to tracker 23 May 2024
Data classes 4

What happened

In July 2016, the Dota2 official developers forum suffered a data breach that exposed almost 2 million users. The hack of the vBulletin forum led to the disclosure of email and IP addresses, usernames and passwords stored as salted MD5 hashes.

Exposed data

Email addresses IP addresses Passwords Usernames

Recommended actions

  • Change your Dota2 password immediately, and update it anywhere you reused the same password.
  • Enable two-factor authentication on the affected account and on your critical services (email, banking).
  • Watch for targeted phishing emails referencing Dota2 โ€” attackers weaponise breach data quickly.
  • Check whether your email address appears in this breach on haveibeenpwned.com.
Am I affected? Check whether your email address appears in this breach.
Check on HIBP