Hackers breach Roblox security to access user information
Hacker bribed a Roblox insider to gain access to user data on the gaming platform
When you purchase through links on our site, we may earn an affiliate commission.Here’s how it works.
Popular online gameRobloxhas suffered a security breach after a hacker bribed a company employee to gain access to the company’s back end customer support panel.
This allowed them to lookup other users' personal information and give out virtual in-game currency, with the hacker able to see other users' email addresses, change their passwords, removetwo-factor authenticationfrom their accounts, ban users and more. The hacker shared screenshots with the news outlet which included the personal information of some of Roblox’s most high profile users including YouTuber Linkmon99.
While the hacker could have looked up information on many users, they only accessed a handful of accounts. In an online chat withMotherboard,the hacker said that “I did this only to prove a point to them”.
Gaining access to other user’s online accounts and in-game items through social engineering and bribery is bad enough but the fact that many of Roblox’s users are children complicates things even further.
Roblox hack
In addition to viewing user data, the hacker was also able to reset passwords and change other user data as well based on the screenshots of the customer support panel shared with Motherboard. According to the hacker, they changed the password for two accounts and sold their items.
The hacker first began their infiltration of Roblox’s platform by paying an insider to perform data lookups for them. However, this progressed a step further when the hacker targeted a customer support representative for even greater access to the company’s systems.
The hacker even went as far as to try and claim abug bountyfrom Roblox which was denied as they didn’t actually find a vulnerability but instead used social engineering and bribery to access its systems.
Are you a pro? Subscribe to our newsletter
Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!
Following the hack, Roblox addressed the issue and individually notified the small number of users who were affected. The company also reported the hacker’s actions to the bug bounty platformHackerOneas an additional measure.
ViaMotherboard
After working with the TechRadar Pro team for the last several years, Anthony is now the security and networking editor at Tom’s Guide where he covers everything from data breaches and ransomware gangs to the best way to cover your whole home or business with Wi-Fi. When not writing, you can find him tinkering with PCs and game consoles, managing cables and upgrading his smart home.
This new malware utilizes a rare programming language to evade traditional detection methods
A new form of macOS malware is being used by devious North Korean hackers
Arcane season 2 confirms the hit series isn’t just one of the best Netflix shows ever made – it’s an animated legend that’ll stand the test of time
