A hacker has taken off with almost two million accounts associated with the forum for popular online multiplayer game, Dota 2.
The hack was carried out last month on July 10. The copy of the leaked database was provided to breach notification site LeakedSource.com, which allows users to search their usernames and email addresses in a wealth of stolen and hacked data.
The hacker took advantage of an SQL injection vulnerability used by the older vBulletin forum software, which powers the community.
That allowed them to access the database of limited user data, such as username, email, IP address of the user.
The data also includes the user's hashed password -- which uses the MD5 algorithm, which is widely considered insecure by today's standards, alongside the salt, used to scramble the password further. A member of the LeakedSource group told me that 1.54 million of the passwords -- or about 80 percent -- have already been unscrambled using rudimentary and run-of-the-mill cracking tools.