Riot Games held to ransom over League of Legends code
A tough week for Riot Games has become even more complex, as the company recently confirmed that it has been hacked by an unknown third party. Source code for two of the games, League of Legends and teamfight tactics, has reportedly been stolen in the breach, with hackers capturing data for experimental new features and game modes. Riot Games does not believe that any personal player information has been captured in this hack, although it has speculated that the code may be new League of Legends cheats that must be avoided in the future.
According to company analysis, the attack method has now been identified – with the hackers initiating a “social engineering” ploy that manipulated access, likely via current employees.
The source code lifted during the attack is now being held for ransom, with Riot Games confirms it has received an email threat related to the hack.
“Over the weekend, our analysis confirmed that the source code for League, TFT and an older anticheat platform was exfiltrated by the attackers. Today we received a ransom email. Needless to say, we are not paying, it said Twitter.
Read: Riot Games confirms layoffs due to ‘strategic changes’
“While this attack disrupted our build environment and may cause problems in the future, it is most important that we remain confident that no player data or player personal information was compromised. Indeed, any exposure of source code can increase the likelihood of new cheats appearing. Since the attack, we have been working to assess the impact on anti-cheat and to be prepared to deploy fixes as quickly as possible if necessary.’
“The illegally obtained source code also includes a number of experimental features. While we hope some of these game modes and other changes will eventually make their way to players, most of this content is in prototype and there is no guarantee that it will ever be released. Our security teams and globally recognized external consultants continue to evaluate the attack and audit our systems. We have also notified the police and are actively working with them as they investigate the attack and the group behind it.
Riot Games is committed to transparency, promising to provide updates as the investigation continues and it works to monitor potential intrusions. For now, this means the company’s resources will be focused away from new updates and content – but Riot has promised that “regular patch cadence” will return as the situation clears up.
We’ll likely learn more about this intrusion and its impact on regular gameplay in the coming weeks.