Yesterday, Riot Games president Marc Merrill (aka Tryndamere) posted on their official forum that account information for EU West and EU Nordic/East had been compromised.
After a thorough and urgent investigation with help from independent security experts, we have determined:
- Hackers gained access to certain personal player data contained in certain EU West and EU Nordic & East databases ; as a security precaution, we’re emailing all players on these platforms
- The most critical data accessed included email address, encrypted account password, summoner name, date of birth, and – for a small number of players – first and last name and encrypted security question and answer. (Note: Security question and answer are no longer used in our account recovery process.)
- Absolutely no payment or billing information of any kind was included in the breach
It’s good to see Riot being so honest about account compromise, but it’s a bad time to be anyone who has a password for anything apparently. During E3, Linkedin, as well as E-Harmony, and Last.fm were all compromised so again, be safe with your passwords and try to use something random and unguessable for every login you’ve got. It’s a pain in the ass, but it’s really the only way to say safe these days.
Source : League of Legends Forum