ESEA matchmaking service hacked, exposing personal information of 1.5 million users
The most established matchmaking service in North America, ESEA, experienced a security breach on Dec. 27 resulting in the leak of personal information belonging to 1.5 million users.
ESEA notified its users about the breach on Dec. 30, however, the extent of the breach was not known until the data was shared on LeakedSource, a major breach notification site.
LeakedSource confirmed that the hacked database belonged to ESEA and provided this information to net security site Salted Hash.
The breach occurred on Jan. 8, around two weeks after the hacker had gained access to a significant amount of private information from ESEA users. Although passwords were not compromised, the leaked data included emails, phone numbers, private messages, and IP addresses, which can be exploited for malicious activities like social engineering and phishing.
ESEA received a message from the perpetrator on Dec. 27, who claimed to have accessed private user data. The hacker demanded $100,000 from ESEA to prevent the public release of the information. ESEA maintained contact with the hacker while working on isolating and securing the breach. They also alerted the Federal Bureau of Investigation.