Unfortunately, we have become aware of a data breach in one of our systems, in which a malicious actor gained access to parts of our forum’s user database.
The intruder was able to access forum user profiles, which include the e-mail addresses connected to those forum accounts.
On top of that, the attacker gained access to encrypted passwords (in technical terms: hashed and salted passwords). These can NOT be used to log in to Albion Online, the website or the forum, nor can they be used to learn the passwords themselves. However, there is a small possibility they could be used to identify accounts with particularly weak passwords.
It is important to note that no payment information was accessed, or could ever have been accessed in this way.
What should you do now?
If you have a forum account, you should, as a precaution, change the password to your Albion Online account. You can do that by going to albiononline.com/en/profile/ and scrolling down to the bottom of the page.
Should you have also used the same password on other webpages or services, we strongly encourage you to change it there as well, and use unique passwords going forward.
What are we doing now?
We have already closed the vulnerability and are now running additional checks to ensure the integrity of our systems. Because the safety of your data is a top priority for us, we will also be executing a full security review of all our systems to ensure your information remains absolutely safe.
We deeply apologize for this incident and any inconvenience caused by this.
If you have any questions or concerns, please ask them here: Forum Vulnerability Discussion Thread
– Your Albion Online Team