The retro gaming site ‘Emuparadise’ suffered a data breach in April 2018, which led to the exposure of account details of almost 1.1 million Emuparadise forum members.
What information was exposed?
The exposed account information includes members’ email addresses, IP addresses, usernames, and passwords stored as salted MD5 hashes.
The big picture
Emuparadise forum members reported that they have been receiving notices from Have I Been Pwnd and HackNotice that their account information has been exposed due to the Emuparadise data breach which occurred in April 2018.
Have I Been Pwnd claimed that it received a database from DeHashed.com on June 9th, 2019, that contained almost 1,131,229 Emuparadise member accounts.
“In April 2018, the self-proclaimed biggest retro gaming website on earth, Emuparadise suffered a data breach. The compromised vBulletin forum exposed 1.1 million email addresses, IP address, usernames and passwords stored as salted MD5 hashes. The data was provided to HIBP by dehashed.com,” Have I Been Pwnd said.
However, how DeHashed gained access to the database remains unknown. It is to be noted that Emuparadise database has been available for sale in the hacking forums since January 2019.