ShellCodeX Breach Report
League of Legends Data Breach
leagueoflegends.com
Verified breach
Passwords exposed
Accounts exposed
339,487
Breach date
11 Jun 2012
Added to tracker
28 Jul 2018
Data classes
3
What happened
In June 2012, the multiplayer online game League of Legends suffered a data breach. At the time, the service had more than 32 million registered accounts and the breach affected various personal data attributes including "encrypted" passwords. In 2018, a 339k record subset of the data emerged with email addresses, usernames and plain text passwords, likely cracked from the original cryptographically protected ones.
Exposed data
Email addresses
Passwords
Usernames
Recommended actions
- Change your League of Legends password immediately, and update it anywhere you reused the same password.
- Enable two-factor authentication on the affected account and on your critical services (email, banking).
- Watch for targeted phishing emails referencing League of Legends โ attackers weaponise breach data quickly.
- Check whether your email address appears in this breach on haveibeenpwned.com.
Am I affected?
Check whether your email address appears in this breach.
Check on HIBP