A months-old breach at online gaming site Gamigo has now resulted in the leak of 8 million usernames, e-mail addresses, and passwords. The site warned users four months ago that a hacker intrusion had compromised data, but the information wasn't released online until earlier this month.
"As previously announced, the online gaming provider Gamigo was the victim of a security incident in early March 2012," the company said in an official statement to Shacknews. "As a result of the attack, usernames and passwords from an older database version were illegally stolen. It appears that the stolen data has now been republished on the internet. As far as we can tell, the published records contain no new data.
"All necessary measures to minimize the impact of the attack were initiated immediately at that time. This included notification of all affected users, resetting of passwords, taking the hacked database offline, a thorough review of the company's IT security policies, removal of a portion of the company's offerings from the internet, notification of the relevant civil authorities and a clarification of the ensuing legal questions."
Forbes reports that the the passwords weren't posted in a readable format, but one of the users on the password-cracking forum InsidePro quickly claimed to have "found 94%," which could mean the passwords were derived easily. The leaked data includes 3 million American accounts, 2.4 million German accounts, and 1.3 million French accounts.
Gamigo forced users to change its passwords after the initial leak, so the site itself will probably be safe from intrusion. But if you were a Gamingo user and the sort to share your passwords between accounts, it's probably best to change those now to be on the safe side. You can check if you were one of the impacted users on PwnedList.