Some old transaction and card information possibly also taken.
By Tim Colwill on August 21, 2013 at 1:07 pm
Riot Games have emailed their userbase to let us know that North American accounts may have had their personal information compromised in a recent attack on the game servers.
According to Riot, user names, email addresses, salted password hashes, and some first and last names were accessed. “This means that the password files are unreadable, but players with easily guessable passwords are vulnerable to account theft,” warns the company.
“Additionally, we are investigating that approximately 120,000 transaction records from 2011 that contained hashed and salted credit card numbers have been accessed. We are taking appropriate action to notify and safeguard affected players. We will be contacting these players via the email addresses currently associated with their accounts to alert them.”
If you have a North American League of Legends account, either change it now, or wait until the next time you log in and be forced to change it. If you use the same password in multiple locations, probably go and change it there as well, just to be sure.