The data breach incident came forward when an anonymous user informed Hacked Database Search Engine DeHashed about the breaching of the sever of BalckMediaGames, by providing the POC of the server access and complete database disclosure.
The data breach has compromised over 7,633,234 unique user's usernames, email addresses, passwords (hashed with phpass, MD5(WordPress), MD5(phpBB3) algorithm), IP addresses, game and forum activities, and payment information.
This is the first time the company has ever seen any kind of breach, ironically it was caused by a entree-level vulnerability known as “LFI” / “RFI”.After contacting a couple of times, BlankMediaGames have commented on this hacking incident and also made the official announcement of Breach. After this, an update came from BlankMediaGames about the data includes on this hack were Email, Full Names, Billing & Shipping addresses, IP Information, Payment Amount, and other details. No Credit Card Numbers.