Skip to main content

Dota 2 forums reportedly hacked, usernames and passwords exposed

Dota 2's official forums were reportedly hacked on July 10, with nearly 2 million records accessed. These include email addresses, usernames and passwords, and IP addresses, according to leak notification site Leaked Source.

According to that site, passwords on the vBulletin forum "were stored using MD5 hashing and a salt".  MD5 hashing is widely considered an outdated and ineffective form of data protection, and according to Leaked Source, over 80% of the hacked passwords can be converted to their plaintext value. 

Leaked Source lists the different email hosts that have been compromised, with Google a huge majority at 1,086,139. "A lot" of those are disposable email addresses, but the report doesn't specify how many. Whatever the case, if you use the forums, it's probably best to change your password, and to then check whether you're listed on the Leaked Source website.

Valve has yet to comment, but we'll reach out. Cheers to ZDnet for the heads up.

Shaun is PC Gamer’s Australian editor and news writer. He mostly plays platformers and RPGs, and keeps a close eye on anything of particular interest to antipodean audiences. He (rather obsessively) tracks the movements of the Doom modding community, too.