Home News Humble Bundle suffers cyber-attack

Humble Bundle suffers cyber-attack

Humble Bundle

Humble Bundle, a digital storefront for video games, recently revealed that it has suffered a data breach in late November that might have compromised the information like customers’ account details and subscription status. Humble Bundle is a distribution platform that offers game bundles, and sells eBooks, software, and other digital content.

The company stated that hackers exploited a bug used to gather the subscriber information in the company’s server and illegally gained access to its customers’ email addresses and their Humble Bundle subscription details. However, Humble Bundle clarified that no sensitive information such as customer name, billing address, password, and payment information was exposed in the incident.

The company notified its users via emails about the intrusion. “Last week, we discovered someone using a bug in our code to access limited non-personal information about Humble Bundle accounts. The bug did not expose email addresses, but the person exploited it by testing a list of email addresses to see if they matched a Humble Bundle account. Your email address was one of the matches,” the email reads.

“Sensitive information such as your name, billing address, password, and payment information was NOT exposed. The only information they could have accessed is your Humble Monthly subscription status. More specifically, they might know if your subscription is active, inactive, or paused; when your plan expires; and if you’ve received any referral bonuses,” the email further read.

Further, Humble Bundle apologized its customers and recommended some safety precautions to prevent the future losses. “Even though the information revealed is very limited, we take customer trust very seriously. We want to make sure you are able to protect yourself should someone use the information gathered to pose as Humble Bundle,” the email stated.

In related news, it was disclosed last month that a group of Call of Duty (CoD) players were a part of a cybercrime syndicate that remotely stole $3.3 million in cryptocurrency by hacking several crypto wallets.