Back to Radar
RO

Roll20

High

The Roll20 breach in December 2018 exposed personal information of nearly 4 million users.

Records exposed
3,994,436 records
Breach date
Breach Dec 26, 2018
Last update
Updated Jul 19, 2019
Source

What data was exposed?

Fields reported as compromised in this breach record.

Email addressesIP addressesNamesPartial credit card dataPasswords

Why does this breach matter?

In-depth analysis of the breach and its implications.

In December 2018, Roll20, a platform dedicated to tabletop role-playing games, experienced a security breach which exposed the sensitive data of nearly 4 million customers. The compromised data repository included email addresses, IP addresses, full names, password hashes (stored using bcrypt), and the last 4 digits of credit card numbers.

Impact Analysis

Understanding the scope and consequences of this breach.

User Impact
Users faced the exposure of personal information including hashed passwords and partial financial details.
Business Impact
Roll20 experienced reputational damage and faced pressing needs for enhanced security measures.
Affected Sectors
  • Gaming and Entertainment
Geographic Impact
  • Global

What You Should Do

Recommended actions to take in response to this breach.

If You Were Affected

  • Change your Roll20 and any reused passwords immediately.
  • Monitor financial accounts for unusual activities.
  • Be vigilant for phishing attempts leveraging exposed details.

Preventive Measures

  • Use unique passwords for each online account.
  • Enable multi-factor authentication where possible.
  • Regularly review security settings on all accounts.

Frequently Asked Questions

Common questions about this breach and what it means for you.

Change your passwords for Roll20 and any other accounts using the same credentials. Monitor your financial statements for unusual activity.

Attribution

Additional attribution provided with the breach record.

JimScott.Sec@protonmail.com