Facepunch 2016 breach exposed 343,000 users

News by Doug Olenick

HaveIbeenpwned is telling its readers who might have an account with Facepunch that the game studio suffered a breach two years ago exposing their information.

HaveIbeenpwned is telling its readers who might have an account with Facepunch that the game studio suffered a breach two years ago exposing their information.

Troy Hunt’s data breach site reported that in June 2016 Facepunch was breached exposing 343,000 users. The compromised data included usernames, email and IP addresses, dates of birth and salted MD5 password hashes.

Facepunch told HaveIbeenpwned that it was aware of the incident and had informed its users at the time.

However, responses posted to HaveIbeenpwned Twitter page are telling a different story. Several people who said they have a Facepunch account stated they were never told.

?@haveibeenpwned

New breach: Facepunch had 343k records breached in 2016 which included email and IP addresses, dates of birth and salted MD5 hashes. 81% were already in @haveibeenpwned https://haveibeenpwned.com/ 

BV1@BV1tech

Your email disclosed that Facepunch disclosed information about this breach to those who are affected. However, I had 3 accounts personally affected and not one of them has received an email regarding this from FP between June 2016 and now. I can't find any blog posts either.

An attempt to contact Facepunch through its Twitter account has so far been unsuccessful.

Originally published in scmagazine.com North America.

Find this article useful?

Get more great articles like this in your inbox every lunchtime

Upcoming Events