By continuing to use the site or forum, you agree to the use of cookies, find out more by reading our GDPR policy.

Account information belonging to 569,703 players of the Mortal Online massively multiplayer online role-playing game (MMORPG) has been sold online several times since it was leaked as a result of a data breach. On June 17, an unauthorized third party accessed a server holding shop and forum databases, and pilfered the data. The developers made the announcement four days after they learned about the breach, following an investigation that found evidence of an intrusion. "We do not store any credit card information on our servers so that information is still completely safe," the developers informed. What the intruder(s) managed to get, though, were more than half a million usernames, and passwords that appear to have been saved as MD5 hashes. MD5 is a hashing function that is currently used mostly as a checksum to verify data integrity against non-intentional corruption. It is susceptible to collision attacks that take seconds to find with low computing power. The MD5 hash algorithm was declared "not safe" by its own creator in 2012 after research showed how susceptible it was to brute-force attacks. The Mortal Online database has been added recently to Troy Hunt's Have I Been Pwned collection, provided by Adam Davies, data analyst and security researcher. Users whose data has been exposed online can use Hunt's website to check whether their usernames have been compromised in breaches. We have more posted on OUR FORUM.