Roblox Leak Reveals Tons Of Personal Information
Roblox, a major and rather controversial gaming platform, has suffered a massive data breach which led to the release of personal information, including the addresses of everyone who ever attended the Roblox Developer Conference between 2017-2020. The most concerning aspect of the entire leak is that the data breach took place in December 2020 but wasn’t publicly reported until July 2023.
Years of personal information from the Roblox Developer Conference was stolen, from personal addresses to shirt-sizes.
According to Kotaku, it has been revealed that a Roblox data leak from the company saw 4,000 developers’ personal and identifiable information go public. This includes the list of names, email addresses, dates of birth, t-shirt sizes, and physical addresses of everyone who attended the Developer Conference in the aforementioned period. What’s worrisome is that this kind of identifiable information could be used to steal someone’s identity—a gold dust for anyone with nefarious intentions.
The Roblox data leak took place in December 2020. Reports suggest that it has remained unnoticed until this week, but that’s most likely not the case—a more likely scenario is that it was unreported due to damage assessment. Have I Been Pwned, a website that allows people to search whether their details have been leaked, also stated that the early reports about the leak started appearing as early as 2021, but Roblox hasn’t made an official announcement, thus failing to inform everyone of their data being compromised.
The company made an official announcement about the leak this week, with the Roblox representative acknowledging that there has been a third-party security issue, describing the event as unauthorized access to limited personal information. “Limited information” is a pretty inaccurate description of the leak, considering that those who accessed it also gained access to someone’s physical and email addresses and even t-shirt sizes—quite possibly even the size of their underwear.
Roblox, the company, failed to inform users for years about the massive data breach, potentially exposing themselves to a lawsuit.
It’s still unclear why Roblox hasn’t notified anyone about the data breach and unauthorized access to users’ data, but the fact that it hid the information about the breach for so long provides users with legal grounds for a lawsuit—if they’re affected—against the company. A Roblox representative also stated that the company engaged independent experts to support the investigation led by the company’s security team.
But the company did extend a friendly hand to those affected. Affected users will receive an email communicating the next steps the company will take to support them. How exactly the company plans to do this remains unknown for the time being, but Roblox stated that they’ll continue to be vigilant in the monitoring and vetting of the cyber security of their platform and third-party vendors.
Roblox hasn’t done anything for potentially affected users other then sending a brief e-mail.
Unfortunately, all of these pledges made by the controversial company don’t hold much promise, and everything the users got out of it so far was the “sorry” email.
Roblox remains a controversial platform due to its overall lack of content moderation and child safety concerns, especially due to its open nature, which may lead to the creation of inappropriate content. Still, despite the controversies, the popular video game platform is coming to television.
