A large online Counter-Strike eSports community has suffered a massive hack after refusing to pay a ransom of $100,000.
Sensitive contact information for customers of the eSports Entertainment Association (ESEA) was breached on December 27, 2016 and held for ransom by the hackers. Over 1.5 million accounts were compromised as part of the hack, with data including usernames, passwords, mobile phone numbers, emails, and IPs being released on LeakSource.
"We do not give in to ransom demands, and paying any amount of money would not have provided any guarantees to our users as to what would happen with their stolen data," says an online statement on the breach from the ESEA. They reasoned that the best course of action was to instead contact authorities and inform users of the breach.
According to the organization, taking simple steps to change account information should be enough to secure compromised accounts.
"To be clear, we have worked to identify the source of the vulnerability and have taken the appropriate measures to patch it. Once users have completed the password and information change procedures outlined above, users should feel confident in the ongoing security of their data on ESEA's systems."