Thousands of people in the furry community have been hit by a data breach affecting the website of an erotic role-playing game.
According to web security site Have I Been Pwned, hackers were able to obtain email addresses, names, order histories, hashed passwords, and both physical and IP addresses for 411,000 High Tail Hall players.
The game features sexualized, anthropomorphic animals and allows users to have ‘erotic encounters’ with other characters.
Creators of the game say they are aware of the issue and have since moved to a ‘more advanced and stable security system,’ but are urging users to change their passwords as an added precaution.
Scroll down for video
Thousands of people in the furry community have been hit by a data breach affecting the website of an erotic role-playing game. HTH Studios says the data was leaked from their old website before it switched to a more secure system in October
Troy Hunt, who runs HIBP, spotted the breach and alerted HTH Studios.
While the breach itself took place back in August, Hunt says the data appeared on a popular hacking forum months later.
‘In August 2018, the adult furry interactive game creator HTH Studios suffered a data breach impacting multiple repositories of customer data,’ Hunt tweeted.
‘Several months later, the data surfaced on a popular hacking forum and included 411k unique email addresses along with physical and IP addresses, names, orders, salted SHA-1 and salted MD5 hashes. HTH Studios is aware of the incident.’
According to HTH Studios, the data was leaked from their old website; High Tail Hall switched over to a new, more secure system in October.
According to web security site Have I Been Pwned , hackers were able to obtain email addresses, names, order histories, hashed passwords, and both physical and IP addresses for 411,000 High Tail Hall players
After being alerted by Hunt this week, however, HTH Studios says it has contacted ‘security, developers, legal counsel, and law enforcement’ to investigate the issue.
‘Both our internal security and web team security assures us that no financial data was compromised,’ an HTH admin said on the site.
The breach is just the latest in a string of attacks targeting adult websites over the last few years.
Massive hacks hit Ashley Madison, xHamster, and Adult FriendFinder back in 2015 and 2016, and so-called ‘sextortion’ scams have been on the rise.
Troy Hunt, who runs HIBP, spotted the breach and alerted HTH Studios. While the breach itself took place in August, Hunt says the data appeared on a popular hacking forum months later
HOW CAN YOU PROTECT YOUR INFORMATION ONLINE?
Because hackers are becoming more creative, security experts are warning that consumers need to take all possible measures to protect their identities (file photo)
- Make your authentication process two-pronged whenever possible. You should choose this option on websites that offer it because when an identity-specific action is required on top of entering your password and username, it becomes significantly harder for fraudsters to access your information.
- Secure your phone. Avoiding public Wifi and installing a screen lock are simple steps that can hinder hackers. Some fraudsters have begun to immediately discount secure phones altogether. Installing anti-malware can also be beneficial.
- Subscribe to alerts. A number of institutions that provide financial services, credit card issuers included, offer customers the chance to be notified when they detect suspicious activity. Turn those notifications on to stay informed about credit card activity linked to your account.
- Be careful when issuing transactions online. Again, some institutions offer notifications to help with this, which will alert you when your card is used online. It might also be helpful to institute limits on amounts that can be spent with your card online.
HTH Studios says it’s taking steps to ensure its users are protected, and says its new website is a ‘MUCH more advanced and stable security system.’
‘The security and comfort of our users is the highest priority,’ HTH_Crow said in the post.
‘At this time we recommend ALL of our users update your account passwords (Just to be safe).’