[BMG Responds] Massive Town Of Salem Data Breach; Over 7 Million Accounts Compromised


On 28 December, BlankMediaGames (BMG), developer of the browser-based online role-playing game Town of Salem, was hacked, resulting in a massive data breach. Data on over 7 million users, including but not limited to email addresses, passwords and IP addresses, was leaked and compromised.

1:31 pm IST: One of the game’s developers posted about the situation on Town of Salem’s official forums –

“Hey everyone,

The BMG staff is just coming back from Christmas/New Year’s vacation and we were informed that there may have been a breach of our database. I am currently in contact with Rackspace to figure out what happened and prevent it from happening again. You should update your Town of Salem passwords to be safe.

Important Notes:
We don’t store any credit card or payment info. At all.
All passwords were hashed and not plain text. This means they do not know what your password is unless they run a program to attempt to guess it against the hashed password. Any reasonably strong password will take a very long time to be guessed.
Your accounts should all be safe still if they used the same password, but you can change that as well if you are worried.

The only important data compromised would be your Username/hashed password, IP and email. Everything else is just game related data.

Sorry that this happened, no game creator ever wants to be in this situation and having it happen over the holiday break when everyone was away was terrible timing.

Update: To clarify, we do not handle money. At all. The third party payment processors are the ones that handle all of that. We never see your credit card, payment information, anything like that. We don’t have access to that information.”

All players are strongly advised to change their passwords and revoke any stored payment authorisations as soon as possible.

On the same day, DeHashed, a data-mining and hacked-database search engine, received an email from a sender who wishes to remain anonymous; it included evidence of server access and the complete database, submitted for disclosure. The team at DeHashed has reached out to BlankMediaGames, and the company is yet to respond.

“This is the first time the company has ever seen any kind of breach”, DeHashed claims. “…it was caused by an entry-level vulnerability known as ‘LFI’ / ‘RFI’.”

The data breach has compromised over 7,633,234 unique users’ usernames, email addresses, password hashes (in phpass, MD5(WordPress) and MD5(phpBB3) format), IP addresses, game and forum activity, and payment information.
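The three hash formats named above are the same scheme: the portable phpass hash, tagged $P$ in WordPress and $H$ in phpBB3, which is an iterated, salted MD5. The developer’s remark that guessing “will take a very long time” depends entirely on that iteration count, so the added example below (not code from BMG, DeHashed or the phpass project) ports the phpass portable algorithm to Python, verifies a password against a stored hash, and reports how many MD5 calls a single guess costs compared with an unsalted raw MD5. The sample password and cost values are constructed for the demonstration.

```python
import hashlib
import hmac
import os

# Alphabet phpass uses for its own base64 variant; a character's index is its 6-bit value.
ITOA64 = "./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz"


def _encode64(data: bytes, count: int) -> str:
    """Port of phpass encode64(): 3 bytes -> 4 chars, packed little-endian."""
    out, i = [], 0
    while True:
        value = data[i]
        i += 1
        out.append(ITOA64[value & 0x3F])
        if i < count:
            value |= data[i] << 8
        out.append(ITOA64[(value >> 6) & 0x3F])
        if i >= count:
            break
        i += 1
        if i < count:
            value |= data[i] << 16
        out.append(ITOA64[(value >> 12) & 0x3F])
        if i >= count:
            break
        i += 1
        out.append(ITOA64[(value >> 18) & 0x3F])
        if i >= count:
            break
    return "".join(out)


def phpass_crypt(password: str, setting: str) -> str:
    """Recompute a portable phpass hash from its 12-character setting.

    Layout: "$P$" (WordPress) or "$H$" (phpBB3), one cost character, 8 salt
    characters, then 22 characters encoding the 16-byte MD5 result.
    """
    if setting[:3] not in ("$P$", "$H$"):
        raise ValueError("not a portable phpass hash")
    count_log2 = ITOA64.index(setting[3])
    if not 7 <= count_log2 <= 30:
        raise ValueError("cost character out of range")
    salt = setting[4:12]
    if len(salt) != 8:
        raise ValueError("salt is not 8 characters")
    pw = password.encode("utf-8")
    # One initial MD5 over salt+password, then 2**cost chained MD5s over hash+password.
    digest = hashlib.md5(salt.encode("ascii") + pw).digest()
    for _ in range(1 << count_log2):
        digest = hashlib.md5(digest + pw).digest()
    return setting[:12] + _encode64(digest, 16)


def phpass_hash(password: str, count_log2: int = 11, prefix: str = "$P$") -> str:
    """Create a fresh hash: 6 random salt bytes become 8 salt characters, as phpass gensalt does."""
    salt = _encode64(os.urandom(6), 6)
    return phpass_crypt(password, prefix + ITOA64[count_log2] + salt)


def phpass_verify(password: str, stored: str) -> bool:
    """Constant-time comparison of the recomputed hash against the stored one."""
    try:
        recomputed = phpass_crypt(password, stored)
    except ValueError:
        return False
    return hmac.compare_digest(recomputed, stored)


def md5_calls_per_guess(stored: str) -> int:
    """Work per candidate password: 1 + 2**cost for a phpass hash, 1 for a raw MD5 hex digest."""
    if stored[:3] in ("$P$", "$H$") and len(stored) == 34:
        return 1 + (1 << ITOA64.index(stored[3]))
    return 1


if __name__ == "__main__":
    # Known-answer pair shipped in the phpass distribution's test.php.
    known = "$P$9IQRaTwmfeRo7ud9Fh4E2PdI0S3r.L0"
    print("known vector verifies:", phpass_verify("test12345", known))
    # Constructed password; cost 13 is what WordPress emits by default ("$P$B...").
    fresh = phpass_hash("correct horse battery staple", count_log2=13)
    print(fresh, phpass_verify("correct horse battery staple", fresh))
    raw = hashlib.md5(b"correct horse battery staple").hexdigest()
    print("MD5 calls per guess:", md5_calls_per_guess(fresh), "vs raw MD5:", md5_calls_per_guess(raw))
```

The ratio returned by md5_calls_per_guess is the whole story of the developer’s claim: a WordPress-default hash costs an attacker 8,193 MD5 calls per candidate, a raw MD5 costs one. That slows guessing but does not stop it, which is why the advice to change passwords still stands.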

Top 50 Email Providers – BlankMediaGames

Email provider    Count
gmail.com 4530276
hotmail.com 928706
yahoo.com 662824
outlook.com 158033
icloud.com 93557
aol.com 77929
live.com 75164
hotmail.co.uk 63992
comcast.net 26435
web.de 24999
ymail.com 23881
mail.ru 23851
google.ca 20984
seznam.cz 17693
wp.pl 16875
gmx.de 16500
msn.com 15472
googlemail.com 14818
live.co.uk 14800
me.com 14614
yahoo.co.uk 14601
abv.bg 14538
hotmail.fr 14040
rocketmail.com 13263
mail.com 13036
hotmail.ca 11457
live.nl 11094
yahoo.ca 10702
live.ca 9986
o2.pl 9260
hotmail.de 8992
windowslive.com 8910
att.net 8899
live.se 8551
sbcglobal.net 8436
yopmail.com 7938
hotmail.it 7243
verizon.net 7121
yahoo.de 6994
aim.com 6855
trbvm.com 6831
yandex.ru 6785
hotmail.se 6595
mvrht.net 6200
live.dk 5959
cox.net 5741
btinternet.com 5480
live.com.au 5454
hotmail.es 5322
yandex.com 5259

“Local File Execution (LFI) and Remote File Execution (RFI) are similar to the nefarious Cross Site Scripting (XSS) attacks. All of them are forms of code injection attack, with the former two being less sophisticated and therefore easily preventable. Although not taken seriously by the security community, LFI and RFI attacks constitute 21 % of all observed web application attacks.” – GetAstra
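The inclusion bugs named above have one classic shape: a script takes a page name from the request and hands it straight to an include call, so the user controls which local file (LFI) or, where remote includes are enabled, which URL (RFI) gets loaded. The fix is to never let the request choose a path at all. The added example below (not code from BMG or GetAstra) shows that pattern in Python: an explicit allowlist maps page names to files, URL-shaped input is refused, and the resolved path is confirmed to sit inside the include directory as defence in depth. The allowlist, the page files and the sample requests are constructed for the demonstration.

```python
from pathlib import Path
from urllib.parse import urlsplit


class IncludeRejected(ValueError):
    """Raised when a requested include is refused; the caller renders an error page."""


# Constructed allowlist for this example: the only pages the application will ever include.
ALLOWED_PAGES = {
    "home": "home.html",
    "about": "about.html",
    "rules": "rules.html",
}


def classify_request(requested: str) -> str:
    """Explain why a request is accepted or refused, without touching the filesystem."""
    parts = urlsplit(requested)
    if parts.scheme or parts.netloc:
        return "rejected: remote location (RFI pattern)"
    if requested not in ALLOWED_PAGES:
        return "rejected: not an allowlisted page name"
    return "accepted"


def resolve_include(requested: str, base_dir: str) -> Path:
    """Map an untrusted page name to a file under base_dir, or raise IncludeRejected."""
    verdict = classify_request(requested)
    if verdict != "accepted":
        raise IncludeRejected(verdict)
    base = Path(base_dir).resolve()
    target = (base / ALLOWED_PAGES[requested]).resolve()
    # Defence in depth: even an allowlisted entry must resolve inside base_dir
    # (catches a misconfigured mapping or a symlink pointing elsewhere).
    if base not in target.parents:
        raise IncludeRejected("rejected: resolved path escapes the include directory")
    if not target.is_file():
        raise IncludeRejected("rejected: page file is missing")
    return target


def run_demo() -> dict:
    """Build a throwaway site with the allowlisted pages and resolve several constructed requests."""
    import tempfile

    results = {}
    with tempfile.TemporaryDirectory() as d:
        for fname in ALLOWED_PAGES.values():
            Path(d, fname).write_text(f"<h1>{fname}</h1>")
        for req in ("home", "about", "../private/config.txt",
                    "http://example.com/page.txt", "admin"):
            try:
                results[req] = resolve_include(req, d).name
            except IncludeRejected as e:
                results[req] = str(e)
    return results


if __name__ == "__main__":
    for req, outcome in run_demo().items():
        print(f"{req!r:>32} -> {outcome}")
```

The allowlist alone already defeats both traversal strings and URLs, because the request value is used as a dictionary key and never as a path; the URL check and the parents check are there so that a later change to the mapping (or a stray symlink in the pages directory) cannot quietly reopen the hole.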

DeHashed has provided the data to Troy Hunt of HaveIBeenPwned and has teamed up with multiple security researchers in attempts to minimise the damage done by this breach.

We’ve contacted both DeHashed and BlankMediaGames for comment on the situation and asked them to update us as frequently as possible. Stay with us for further developments on the story.

Make sure you subscribe to our push-notifications and never miss an update on the entire situation. Until next time, Happy Gaming!
