Heute von Roll20 erhalten:

Hello Roll20 User,

We are writing to tell you about a data security incident that may have exposed some of your personal information. We take the protection and proper use of your information very seriously. For this reason, we are contacting you directly to explain the circumstances of the incident.

On June 29, 2024, at 6:30 P.M. Pacific Time, Roll20 learned that an administrative account was compromised. By 7:30 P.M. Pacific Time, we acted to ensure that all unauthorized access was blocked, and we began the process of investigating the incident to determine the scope.

Following our investigation, we learned that the unauthorized third-party had access to administrative tools, which may have resulted in the exposure of personal information, such as your: first and last name, email address, last known IP address, and the last 4 digits of your credit card (solely if you had a stored payment with us).

Notably, the compromised administrative tooling did not expose your password or your full payment information, such as your address or credit card number.

While we have no reason to believe that your personal information has been misused, we are notifying you out of an abundance of caution.

We take your privacy and security very seriously, and we deeply regret that this incident occurred. We will be implementing an action plan to further enhance the security of our administrative tools going forward.

If you have questions, or if you would like to view a copy of your account data that the third party may have had access to, please reach out to us at https://help.roll20.net and create a support ticket with the subject line “Incident Data Request” and we will be happy to assist you.

Here are some resources containing good best practices for protecting your information online which we recommend: https://consumer.ftc.gov/online-security

  • Gorobar
    link
    fedilink
    arrow-up
    1
    ·
    6 months ago

    Ja, habe ich auch bekommen. Das war auch nicht deren ersten Incident (da war schon vor Jahren was auf HaveIBeenPwned), aber meines Wissens der erste, über den sie offen informieren

    • TealkOPMA
      link
      fedilink
      Deutsch
      arrow-up
      2
      ·
      6 months ago

      Ja gut das dort kaum Daten sind die missbraucht werden können