ShellCodeX
Tools โ€ข Events โ€ข News โ€ข Insights
ShellCodeX Breach Report

gPotato Data Breach

gpotato.com
Significant exposure
Verified breach Passwords exposed
Accounts exposed 2,136,520
Breach date 12 Jul 2007
Added to tracker 24 Sep 2016
Data classes 10

What happened

In July 2007, the multiplayer game portal known as gPotato (link to archive of the site at that time) suffered a data breach and over 2 million user accounts were exposed. The site later merged into the Webzen portal where the original accounts still exist today. The exposed data included usernames, email and IP addresses, MD5 hashes and personal attributes such as gender, birth date, physical address and security questions and answers stored in plain text.

Exposed data

Dates of birth Email addresses Genders IP addresses Names Passwords Physical addresses Security questions and answers Usernames Website activity

Recommended actions

  • Change your gPotato password immediately, and update it anywhere you reused the same password.
  • Enable two-factor authentication on the affected account and on your critical services (email, banking).
  • Watch for targeted phishing emails referencing gPotato โ€” attackers weaponise breach data quickly.
  • Exposed identity data raises identity-theft risk โ€” consider credit monitoring or a credit freeze.
  • Check whether your email address appears in this breach on haveibeenpwned.com.
Am I affected? Check whether your email address appears in this breach.
Check on HIBP