Cyber News Gator

In a recent cybersecurity incident, an individual operating under the pseudonym ‘DrOne’ has leaked the personal data of over 800,000 registered users from Chess.com. The breach was disclosed on Breach Forums, a well-known platform for hackers, on November 8th, 2023, raising concerns about the potential misuse of the exposed information.

Chess.com, a popular online platform for chess enthusiasts, clarified that the leak does not stem from a cyber attack or security breach on their part. The leaked data encompasses a variety of user details, including full names, usernames, profile links, email addresses, users’ originating countries, avatar URLs, and registration dates.

The leaked information poses a serious threat to users as cybercriminals can exploit it for various malicious purposes. While the exposed data does not include passwords, the active and valid email addresses in the leak suggest that cybercriminals could attempt to use the information for identity theft, phishing scams, social engineering attacks, or to cross-reference login credentials obtained from other breaches.

Web scraping, the automated extraction of data from websites, facilitated the breach. Chess.com, being a large website, employs measures such as rate limiting and captcha challenges to deter scraping. However, as evident in this incident, scrapers continuously evolve techniques to circumvent these countermeasures.

Unfortunately for the users affected, this is not the first time Chess.com has faced cybersecurity issues. In 2021, an ethical hacker reported a critical vulnerability that could potentially allow unauthorized access to any account on the platform.

For Chess.com users, it is crucial to take immediate action. Changing passwords not only on Chess.com but also across other online accounts where the same password is used is recommended. Additionally, users should be cautious of phishing tactics that may arise, such as emails with links leading to malicious websites mimicking Chess.com or other legitimate platforms.