• @[email protected]
    link
    fedilink
    121 year ago

    Troy Hunt, the engineer behind haveibeenpwned, said the leak was posted in 2021 but according to an unnamed source didn’t spread outside of niche Roblox communities, while at the time the company did not publicly disclose the leak or alert anyone affected. The leak then appeared on a public forum a few days ago.

    “Roblox has now contacted everyone affected," said the company in a statement sent to Hunt. >>>

    So they definitely knew about it, and definitely weren’t going to do anything about it, until it became more widely known. Yet another reason to hate this horrible, stupid company. I so wish I could convince my daughter to drop Roblox. I’ve even offered to pay for a private Minecraft server for her and all her friends.

    • LoafyLemon
      link
      fedilink
      81 year ago

      Isn’t it illegal to not disclose about a potential data breach?

      • @[email protected]
        link
        fedilink
        61 year ago

        I’m no expert but, in my brief searching shows that in California where Roblox is incorporated, it seems they are required to notify any California residents if their data was breached, and the state Attorney General if it was 500+ residents.

        Searching the AG’s website turns up nothing for Roblox.

        I guess it’s entirely possible no CA residents were involved but, given the conference was held in San Francisco, I find that very implausible.

  • @[email protected]
    link
    fedilink
    101 year ago

    Including t-shirt sizes! That’s a new one. Identity theft mannequins with accurate bellies?!?

    ???

    Profit!

  • @GorgeousDumpsterFire
    link
    71 year ago

    The website haveibeenpwned says the original breach date was 18 December 2020, with the information becoming available on 18 July 2023, with a total of 3,943 compromised accounts. The site notes that as well as all the above information, the leak even includes each individual’s t-shirt size.

    Looks like someone in charge of organizing that event got phished. This seems like the type of info that can fit into an excel sheet.