Store Page
Town of Salem
All Discussions Screenshots Artwork Broadcasts Videos News Guides Reviews

Town of Salem

Store Page
View Stats:
Global Achievements
Crazyfaith Jan 1, 2019 @ 10:13pm
let's see if this get deleted by a mod "You're one of 7,633,234 people pwned in the BlankMediaGames data breach"
"You've been pwned!
You signed up for notifications when your account was pwned in a data breach and unfortunately, it's happened. Here's what's known about the breach:
Email found: ****************r@hotmail.com
Breach: BlankMediaGames
Date of breach: 28 Dec 2018
Number of accounts: 7,633,234
Compromised data: Browser user agent details, Email addresses, IP addresses, Passwords, Purchases, Usernames, Website activity
Description: In December 2018, the Town of Salem website produced by BlankMediaGames suffered a data breach. Reported to HIBP by DeHashed, the data contained 7.6M unique user email addresses alongside usernames, IP addresses, purchase histories and passwords stored as phpass hashes. DeHashed made multiple attempts to contact BlankMediaGames over various channels and many days but had yet to receive a response at the time of publishing.

be careful and change you password INTERMEDIATELY
The author of this topic has marked a post as the answer to their question.
Click here to jump to that post.
Originally posted by mimizukari:
Originally posted by Flavorable:
Originally posted by Pug:
The game database servers were hacked, but the hackers didn't get people's credit card information! In other words, the game maker didn't have that stored (thankfully).
They did still get unique user email addresses alongside usernames, IP addresses, purchase histories (how much and when), as well as people's passwords stored as phpass hashes.

They didn't get purchase histories. Not sure where you get that info from?

They literally only got encrypted passwords, e-mailaddresses/usernames, IP-addresses and which browser people use to sign in.
As someone who knows how to obtain this data, They got more than what you said, but it is entirely correct that no credit card information is saved on their website as they use third party providers, whether it be steam or paypal, etc.... However, some people did get their billing information leaked (namely, I believe people who bought coven on the website itself, not using steam), and forum activity was also leaked.

There's no way I can upload a file this large to send to developers, and it's already taken down from the sites I found it on, but it sounds like someone sent you guys a truncated version if any.


edit: when I say billing information, I mean: Email, Full Names, Billing & Shipping addresses, IP address, amount paid, and some other details, no credit card numbers or anything, but still not good to say that information isn't there when it is. Some people might end up with some spam mail/email in the future because of this sadly.
< >
Showing 1-15 of 55 comments
b0nk Jan 1, 2019 @ 10:31pm 
this is just in case i have the same passwords on other accounts right?
#1
Serene Jan 1, 2019 @ 10:35pm 
https://blog.dehashed.com/town-of-salem-blankmediagames-hacked/ more info. Everyone's out for the holiday, it seems.
#2
SaltnVinegar Jan 1, 2019 @ 11:12pm 
The data affected, includes but is not limited to:

Usernames, Emails, Passwords (phpass, MD5(WordPress), MD5(phpBB3)), IP Addresses, Game & Forum Activity, & Payment Information. With some of the users who paid for certain premium features having their billing information/data breached as well.


Does this mean my payment info has been hacked? Coz Ive bought heaps of ♥♥♥♥ using a CC.
#3
Grey Fogg Jan 1, 2019 @ 11:16pm 
Basically if you use the same password elsewhere change it - I've spent the last hour doing this so annoying
#4
Cyan Lizard from Rain World Jan 1, 2019 @ 11:17pm 
Originally posted by Grey Fogg:
Basically if you use the same password elsewhere change it - I've spent the last hour doing this so annoying
What were you doing using the same password in a lot of places? If you've been spending an hour changing passwords, this is how you get hacked.
#5
Grey Fogg Jan 1, 2019 @ 11:21pm 
My blankmedia games account password was obtained along with a few million others, the blankmedia games password was used elsewhere so they have been changed now (the hour was an exaggeration but it's still annoying) - if anyone else has used the same password elsewhere recommend it be changed

It is disappointing there does not seem to be an official annoucement
Last edited by Grey Fogg; Jan 1, 2019 @ 11:46pm
#6
Poison Jan 2, 2019 @ 12:23am 
wow this is my Second data Breach and i didnt even notice xD welp tos luckily has Different Id and Pw than all my other accs just cause i changed data of all other over time while i never changed Tos pw or id
#7
Tygra Jan 2, 2019 @ 12:30am 
Originally posted by Duke.390:
The data affected, includes but is not limited to:

Usernames, Emails, Passwords (phpass, MD5(WordPress), MD5(phpBB3)), IP Addresses, Game & Forum Activity, & Payment Information. With some of the users who paid for certain premium features having their billing information/data breached as well.


Does this mean my payment info has been hacked? Coz Ive bought heaps of ♥♥♥♥ using a CC.

might be f-ed. always use a third party payment processor
#8
Lucifer ★✬ Jan 2, 2019 @ 3:06am 
Unless a mod says otherwise I call bull
#9
Flavorable Jan 2, 2019 @ 3:44am 
http://www.blankmediagames.com/phpbb/viewtopic.php?f=11&t=95378

Pay special attention to:

Important Notes:
We don't store any credit card or payment info
All passwords were hashed and not plain text, so your emails should all be safe still if they used the same password, but you can change that as well if you are worried.

The only important data compromised would be your Username/hashed password, IP and email. Everything else is just game related data.

So while I don't mind leaving this topic up, since I see no reason for deleting it at all, I would appreciate people not spreading false info like payment info being breached.
#10
Lucifer ★✬ Jan 2, 2019 @ 3:55am 
Originally posted by Flavorable:
http://www.blankmediagames.com/phpbb/viewtopic.php?f=11&t=95378

Pay special attention to:

Important Notes:
We don't store any credit card or payment info
All passwords were hashed and not plain text, so your emails should all be safe still if they used the same password, but you can change that as well if you are worried.

The only important data compromised would be your Username/hashed password, IP and email. Everything else is just game related data.

So while I don't mind leaving this topic up, since I see no reason for deleting it at all, I would appreciate people not spreading false info like payment info being breached.
So it is fake? Knew it.

Gatta love stupid trolls thinking there smart... I sigh at people that fell for it... and feel sad for them
#11
Pug Jan 2, 2019 @ 4:07am 
Originally posted by Lucifer ★✬:
Gatta love stupid trolls thinking there smart... I sigh at people that fell for it... and feel sad for them
The game database servers were hacked, but the hackers didn't get people's credit card information! In other words, the game maker didn't have that stored (thankfully).
They did still get unique user email addresses alongside usernames, IP addresses, purchase histories (how much and when), as well as people's passwords stored as phpass hashes.
#12
Rêveur Nocturne Jan 2, 2019 @ 4:15am 
Originally posted by Lucifer ★✬:
So it is fake? Knew it.
I don't think this is fake, the source seems quite reliable. The question is: If it is true that BlankMediaGames does not store payment informations, how did the hacker get them anyway? Somewhere the informations must have been stored, at least temporarily, to give users access to their purchase.
#13
JoeDaTomato Jan 2, 2019 @ 4:24am 
Originally posted by Lucifer ★✬:
Originally posted by Flavorable:
http://www.blankmediagames.com/phpbb/viewtopic.php?f=11&t=95378

Pay special attention to:

Important Notes:
We don't store any credit card or payment info
All passwords were hashed and not plain text, so your emails should all be safe still if they used the same password, but you can change that as well if you are worried.

The only important data compromised would be your Username/hashed password, IP and email. Everything else is just game related data.

So while I don't mind leaving this topic up, since I see no reason for deleting it at all, I would appreciate people not spreading false info like payment info being breached.
So it is fake? Knew it.

Gatta love stupid trolls thinking there smart... I sigh at people that fell for it... and feel sad for them
It’s not fake, it’s just misleading. Granted, extremely misleading, but misleading nonetheless.
#14
Vantezzle Jan 2, 2019 @ 4:35am 
I just got the haveibeenpwned email...I've played literally one round of this game three years ago(Didn't like the game at all) and I honestly don't remember what password I used..What should I even do?
#15
< >
Showing 1-15 of 55 comments
Per page: 1530 50

Town of Salem > General Discussions > Topic Details
Date Posted: Jan 1, 2019 @ 10:13pm
Posts: 55

Discussions Rules and Guidelines