Town Of Salem Data Breach Pastebin | DELUXE • 2024 |
| Date | Event | | :--- | :--- | | | The vulnerable backup script is active on BMG servers. | | December 26, 2018 | A user on the Town of Salem Discord server alerts staff to the vulnerability, claiming they have accessed the database. Staff initially dismiss or ban the user. | | December 28, 2018 | The attacker uploads the database contents to Pastebin. The paste is shared widely across Reddit and Discord. | | December 28–29, 2018 | The community backlash begins. Users verify the breach by searching the Pastebin for their own emails and passwords. | | December 29, 2018 | BMG issues a statement acknowledging the breach and forces a password reset for all users. |
While full credit card numbers were processed securely by third-party merchants (like PayPal and Stripe), the database contained metadata regarding purchases, including billing names and addresses for premium users. Why the Pastebin Leak Compounded the Risk
The Town of Salem breach serves as a reminder that even "casual" gaming data is valuable to cybercriminals. The incident forced the developers to implement mandatory password resets and migrate to more secure server infrastructures. For the broader industry, it underscored the need for and the dangers of using third-party text-sharing sites as a medium for data dissemination. town of salem data breach pastebin
The game developers have likely taken steps to:
If you were a Town of Salem player during the 2018–2019 period, you should assume your data was part of this leak. | Date | Event | | :--- |
The last known connection points of the users.
The security incident began in late December 2018, though it was not publicly acknowledged until January 2019. Dehashed, a data breach indexing service, discovered that a server backup containing the game's user database had been compromised. The Stolen Data | | December 28, 2018 | The attacker
million (28%) of the hashed passwords were broken shortly after the leak.
HIBP maintains a comprehensive database of compromised accounts from thousands of data breaches, including the Town of Salem incident.
Town of Salem Data Breach: Inside the 7.6 Million User Pastebin Leak
