Chess.com, a prominent online gaming platform catering to chess enthusiasts, has allegedly fallen victim to a significant data breach, resulting in the exposure of over 800,000 user records.
The Chess.com data breach, claimed by an individual operating under the name ‘DrOne,’ has prompted concerns regarding the platform’s cybersecurity measures and the safety of user information.
The alleged exposed data encompasses critical details such as email addresses, names, usernames, and geographic locations of the affected users.
The alarming aspect of Chess.com data breach emerged when a user on the X platform revealed the incident via a tweet, indicating that 99% of the compromised records were already present in various cybercriminal databases. This revelation raises pertinent questions about Chess.com’s ability to safeguard user data effectively.
Chess.com’s User Base: Putting Numbers in Perspective
The inclusion of geographic locations in the leaked data amplifies the vulnerability, potentially facilitating more targeted attacks by malicious actors. Chess.com, with over 150 million registered users, assures that the leaked records represent only a minute fraction—approximately 0.533%—of its total user base.
Nevertheless, the Chess.com data breach poses a considerable threat, as the compromised data is now readily accessible on the dark web.
The Cyber Express Team sought verification from Chess.com officials regarding the breach but has yet to receive a response. Notably, the official website remains fully functional, leaving users in a state of uncertainty about the extent of the compromise.
This incident highlights a recurring theme in Chess.com’s cybersecurity history. In February 2021, ethical hacker Sam Curry uncovered a critical vulnerability, emphasizing the platform’s susceptibility to cyber threats. This previous Chess.com data breach could have allowed unauthorized access to any account, including administrative ones.
Industry Trends: Chess.com Data Breach in the Context of Recent Leaks
The data leak on the hacking forum follows a trend, as a recent incident involving the exposure of a scraped LinkedIn database containing 816 million B2B profiles dated 2023 leaked on the dark web. The recurrence of such breaches raises questions about the security measures employed by these online platforms.
Considering the gravity of the situation, users are strongly advised to change their passwords frequently and exercise caution against phishing attempts or any suspicious activities related to their accounts. This Chess.com data breach serves as a reminder of the escalating cyber threats facing online platforms, necessitating robust cybersecurity measures.
As concerns ripple through the Chess community, frustration mounts over the compromise of personal information. The incident highlights that no online platform is immune to cyber threats, emphasizing the continuous need for proactive efforts to stay ahead of malicious actors in the ever-evolving landscape of cybersecurity.
Media Disclaimer: This report is based on internal and external research obtained through various means. The information provided is for reference purposes only, and users bear full responsibility for their reliance on it. The Cyber Express assumes no liability for the accuracy or consequences of using this information.
