Riot Games hacked, delays patches to fix security breach
January 20 Riot announced it was targeted by a social engineering attack that compromised the development environment. The company hasn’t shared details about how the attacker got into its system or exactly what went down, but it did mention that this will delay its ability to push out game updates.
It’s still too early to tell if this will affect players in any other ways, but the company’s social media has been abuzz with account complaints over the past 10 days, especially on Reddit – but it’s possible these cases are unrelated.
That said, it’s been a tough start to the year for Riot, who have already had to deal with a lot of players. From an overwhelmingly negative reception to the Season 2023 movie to displeasure over changes to the start time of the LCS broadcasts.
Riot Games Pushes Back Game Patcher
At this stage, Riot hasn’t released much information beyond saying it’s still investigating the attack. These delays may be due to the company having to follow an incident response plan that may limit developer access to certain systems and that takes time to complete. It could also be the result of a ransomware attack, which locked the developers out of certain systems or files.
The development teams behind League of Legends and Valorant have confirmed that the updates for their games are delayed. The league team says they are working to stretch the delivery of Patch 13.2 (which was scheduled for release on January 26) by focusing on delivering hotfixes. They seem confident that they will be able to deliver most tested balance changes on time. Less immediate content, such as the Ahri ASU, will likely be moved to Patch 13.3 which will be released on February 8th.
Valorant’s developers say that the next update and the preliminary PBE 6.2 have been delayed until early February. Interestingly, the developers first announced this delay on the official Valorant Reddit page for public beta communities. However, they declined to give a reason for the delay at the time. After this began to lead to speculation, Riot Games followed up with their Twitter announcement of the attack, possibly to quell further speculation.
Riot Players’ personal data safe for now
The game publisher says it has found no evidence that player data or personal information has been compromised, but that could change at any time. It is not uncommon for companies to announce something like this, only to backtrack at a later date after completing further investigations.
It may not be related, but the Riot Games Reddit page has seen a number of complaints about either hacked accounts or account bans for both League of Legends and Valorant over the past week. It’s hard to tell if this is an abnormal trend compared to the number of complaints it generally receives without doing an in-depth study of previous posts. That said, the number appears to have increased considerably compared to the previous two months.
One of the most worrying things stemming from these complaints, however, is the common thread of Riot’s terrible customer support. Many have complained of only receiving automated responses that do not resolve the issue, with no way to speak to a real person. It is possible that this could be due to an increase in customer support tickets and the staff not being able to keep up.
Secure your Riot Games account
If you play any of the games published by Riot Games, it’s a good idea to secure your accounts right away. First of all, your Riot Games account should have 2-factor authentication enabled. You can also change your account password, just to be on the safe side – make sure you choose a strong password.
If you suspect foul play with your account in the coming weeks, it’s best to change your password again just in case. This includes strange activity, account changes not authorized by you, and strange messages.
Speaking of strange activity, it’s possible that attackers still have access to some of Riot’s systems or files and could send out phishing messages with malicious links. If you receive suspicious emails or messages from the publisher that contain links, it’s probably best to ignore them.
Until we get some more details about the attack, hopefully in the coming weeks, it’s best to err on the side of caution. You don’t want all those hours spent building up your rank and skins to go to waste.