ShellCodeX
Tools โ€ข Events โ€ข News โ€ข Insights
ShellCodeX Breach Report

Facepunch Data Breach

facepunch.com
Limited exposure
Verified breach Passwords exposed
Accounts exposed 342,913
Breach date 03 Jun 2016
Added to tracker 17 Oct 2018
Data classes 5

What happened

In June 2016, the game development studio Facepunch suffered a data breach that exposed 343k users. The breached data included usernames, email and IP addresses, dates of birth and salted MD5 password hashes. Facepunch advised they were aware of the incident and had notified people at the time. The data was provided to HIBP by whitehat security researcher and data analyst Adam Davies.

Exposed data

Dates of birth Email addresses IP addresses Passwords Usernames

Recommended actions

  • Change your Facepunch password immediately, and update it anywhere you reused the same password.
  • Enable two-factor authentication on the affected account and on your critical services (email, banking).
  • Watch for targeted phishing emails referencing Facepunch โ€” attackers weaponise breach data quickly.
  • Exposed identity data raises identity-theft risk โ€” consider credit monitoring or a credit freeze.
  • Check whether your email address appears in this breach on haveibeenpwned.com.
Am I affected? Check whether your email address appears in this breach.
Check on HIBP