In yet another attack on online databases which contain user account information, Rio Games has stated that portions of their North American account information has been compromised. Account holder's username, e-mail, passwords and more were accessed.
What we know: usernames, email addresses, salted password hashes, and some first and last names were accessed. This means that the password files are unreadable, but players with easily guessable passwords are vulnerable to account theft.
The are also investigating some 120,000 transaction records from a payment system that has not been used since 2011, that also has been accessed.
People accessing their accounts will be required to change their passwords when they log in to something that is harder to guess. They also stated that they are working on new security features that will include e-mail verification for new registrants and account changes, and also two-factor authentication for changes to e-mail address attached to accounts.