The lesson: Plenty of other sites that run on vBulletin have been hacked in the past. In 2014, a hacker claimed to have gained access to the company's Facebook page and administrator panel. This seemingly isn't the first time Supercell has been hacked. Game accounts have not been affected,' Supercell's statement continued. Please note that this breach only affects our Forum service. 'We take any such breaches very seriously and we follow very strict policies when it comes to security. Motherboard also spoke to eight users whose accounts appear in the data, who confirmed they had signed up to Supercell, and also confirmed some of their other information, such as their username. For all of the email addresses tested by Motherboard this was not possible, because the address was already in use.
Motherboard verified the data by attempting to create accounts on the Supercell forum with email addresses included in the sample. In all, LeakBase claimed the dataset contained some 1.1 million accounts. Paid breach notification site LeakBase provided Motherboard with the data sample. Supercell uses the vBulletin forum software, which sometimes hashes passwords in a way that can be relatively easy for hackers to crack. The data, of which Motherboard obtained a small sample of 100 accounts, includes usernames, email addresses, IP addresses, and hashed passwords.
