iscover
Share this article on:
Powered by
MOMENTUM
MEDIA
Major online game platform Roblox has revealed that attendees of its Roblox Developer Conference for the last three years have been impacted by a data breach.
While the game has over 200 million active players, the data breach affected those who registered to the Roblox Developer Conference in 2022, 2023 and/or 2024.
The breach didn’t affect Roblox itself, but FNTech, the vendor Roblox used to manage its conference registrations.
“A Roblox vendor recently notified us that there had been unauthorised access to a subset of Roblox user information from a 2022–2024 Roblox Developer Conference registration list via its website,” said Roblox in a statement.
“Your personal information in the categories below may have been included among the accessed data:
“Registered name, email and IP address.”
Roblox has notified all developers who registered on FNTech about the recent data breach. pic.twitter.com/JmJiXGC4ub
— RTC (@Roblox_RTC) July 5, 2024
FNTech has yet to release a public statement on the matter. Cyber Daily has reached out to FNTech requesting comment or a statement.
The threat actor behind the incident is currently unknown.
The incident is far from the first suffered by Roblox, with the platform’s massive player count attracting threat actors.
The Roblox Developer Conference has suffered incidents in the past, with attendees of the conference between 2017 and 2021 having had their personal data leaked, according to a source speaking with Have I Been Pwned’s Troy Hunt on 18 July 2023.
By 20 July, Roblox had addressed the incident, saying it had contacted those affected.
“Roblox is aware of a third-party security issue where there were indications of unauthorised access to limited personal information of a subset of our creator community. We engaged independent experts to support the investigation led by our information security team,” the company wrote on 24 July.
“Those who were impacted have received an email communicating the next steps we are taking to support them. We will continue to be vigilant in monitoring and vetting the cyber security posture of Roblox and our third-party vendors.”
A month later in August, Roblox developers were targeted with information-stealing malware. The malware, known as “Luna Grabber”, was disguised as commonly used open-source software, tricking the developers into downloading it.
Be the first to hear the latest developments in the cyber industry.
