Emuparadise data breach -1.1 million accounts exposed

Emuparadise suffered huge data breach in April 2018. Statistics showed that of over 1.1 million of its members data had breached. Users have been noticed the information “”Have I Been Pwned” over an weekend that HackNotice has confirmed that their information was found as the part of the Emuparadise data breach April 2018.

For your information, Emuparadise is a retro gaming site. It is used to host ROMs for retro games. This game could be used in emulators. The Emuparadise decided not to host game ROMs but continued as a retro gaming database with community forums in Aug 2018.

Emuparadise have reported that they receive notification form Have I Been Pwnd and HackNotice that their account information has exposed due to the data breach in April 2018.

Haveibeenpwned.com claims that they have received a database included email addresses, IP address, password and usernames on 9th of June this year from DeHashed.com. The database includes 1, 131, 1229 accounts of the Emuparadise vBulletin forum exposed in April 2018.

“In April 2018, the self-proclaimed “biggest retro gaming website on earth”, Emupardise suffered a date breach. The compromised vBulletin forum exposed 1.1 million email addresses, IP address, usernames and passwords stored as salted MD5 hashes. The data was provided to HIBP by dehashed.com.”

The obvious question that arises here is how DeHashed gained accessed to the database remains to be answered. It should be noted that the Emuparadise database has been available for sale since January 2019.