Town of Salem

On 28 December, BlankMediaGames, developer of the browser-based online role-playing game Town of Salem, was hacked, resulting in a massive data breach. Data on over 7 million users, including but not limited to emails, passwords and IP addresses, was leaked and compromised.

1:31 pm IST: One of the game’s developers posted about the situation on Town of Salem’s official forums –

“Hey everyone,

The BMG staff is just coming back from Christmas/New Year's vacation and we were informed that there may have been a breach of our database. I am currently in contact with Rackspace to figure out what happened and prevent it from happening again. You should update your Town of Salem passwords to be safe.

Important Notes:
We don’t store any credit card or payment info. At all.
All passwords were hashed and not plain text. This means they do not know what your password is unless they run a program to attempt to guess it against the hashed password. Any reasonably strong password will take a very long time to be guessed.
Your accounts should all be safe still if they used the same password, but you can change that as well if you are worried.

The only important data compromised would be your Username/hashed password, IP and email. Everything else is just game related data.

Sorry that this happened, no game creator ever wants to be in this situation and having it happen over the holiday break when everyone was away was terrible timing.

Update: To clarify, we do not handle money. At all. The third party payment processors are the ones that handle all of that. We never see your credit card, payment information, anything like that. We don’t have access to that information.”

All players are strongly advised to change their passwords and unauthorise their payment methods as soon as possible.

On the same day, DeHashed, a data-mining and hacked-database search engine, received an email from a sender who wishes to remain anonymous; it included evidence of server access and the complete database for disclosure. The team at DeHashed has reached out to BlankMediaGames, and the company is yet to respond.

“This is the first time the company has ever seen any kind of breach,” DeHashed claims. “…it was caused by an entry-level vulnerability known as ‘LFI’ / ‘RFI’.”

The data breach has compromised over 7,633,234 unique users’ usernames, email addresses, passwords (phpass, MD5(WordPress), MD5(phpBB3)), IP addresses, game and forum activities and payment information.

[Table: Top 50 Email Providers – BlankMediaGames (columns: email, count)]

“Local File Execution (LFI) and Remote File Execution (RFI) are similar to the nefarious Cross Site Scripting (XSS) attacks. All of them are forms of code injection attack, with the former two being less sophisticated and therefore easily preventable. Although not taken seriously by the security community, LFI and RFI attacks constitute 21% of all observed web application attacks.” – GetAstra

DeHashed has provided the data to Troy Hunt of HaveIBeenPwned and has teamed up with multiple security researchers in attempts to minimise the damage done by this breach.

We’ve contacted both DeHashed and BlankMediaGames to comment on the situation and update us as frequently as possible. Stay with us to get informed on the story further.
