The most popular platform for chess players, Chess.com, has had some of its user data leaked in a fresh scraping attempt.
A hacker under the username DrOne shared data from more than 800K Chess.com users on BreachForums, an illicit forum and cybercrime marketplace.
The leak contains emails, user IDs, names, locations, points, ratings, membership levels, registration dates, and some other details used for playing and interacting on the platform.
The data seems to be scraped using the website’s API. It does not include passwords or other personally identifiable information that was not shared publicly by the users on the platform, other than emails.
Web scraping is an automated process to extract public data from websites without breaching into systems directly.
Still, it’s advisable for users to change the passwords on the platform, especially if they are reused elsewhere, as hackers may attempt to cross-reference the credentials from other leaks. Emails also can be used by malicious actors for phishing attempts and spam.
The compromised data aggregator Have I Been Pwned noted that 99% of the scraped emails were already compromised in previous leaks and could be found in their system.
https://twitter.com/haveibeenpwned/status/1722799174826283279
With a user base of more than 150 million, the leak compromises less than 1 percent of Chess.com’s total users.
Your email address will not be published. Required fields are markedmarked