ShellCodeX
Tools โ€ข Events โ€ข News โ€ข Insights
ShellCodeX Breach Report

Unreal Engine Data Breach

unrealengine.com
Limited exposure
Verified breach Passwords exposed
Accounts exposed 530,147
Breach date 11 Aug 2016
Added to tracker 07 Nov 2016
Data classes 3

What happened

In August 2016, the Unreal Engine Forum suffered a data breach, allegedly due to a SQL injection vulnerability in vBulletin. The attack resulted in the exposure of 530k accounts including usernames, email addresses and salted MD5 hashes of passwords.

Exposed data

Email addresses Passwords Usernames

Recommended actions

  • Change your Unreal Engine password immediately, and update it anywhere you reused the same password.
  • Enable two-factor authentication on the affected account and on your critical services (email, banking).
  • Watch for targeted phishing emails referencing Unreal Engine โ€” attackers weaponise breach data quickly.
  • Check whether your email address appears in this breach on haveibeenpwned.com.
Am I affected? Check whether your email address appears in this breach.
Check on HIBP