League of Legends is a popular online multiplayer battle arena video game where players go against each other in a race to create the strongest army and defeat their opponent. It was released in October of 2009 and as of the end of 2012 has over 12 million people playing every day. However, this week Riot Games—the design company behind the game—joined a growing list of companies that have has their POS software hacked.
The company announced in a blog post that North American account holders were affected when hackers were able to gain access to usernames, email addresses, salted password hashes and some first and last names. On top of that, there is the possibility that 120,000 transaction records from 2011 that contained credit card information were also accessed.
"The payment system involved with these records hasn't been used since July of 2011, and this type of payment card information hasn't been collected in any Riot systems since then," the post reads. "We are taking appropriate action to notify and safeguard affected players. We will be contacting these players via the email addresses currently associated with their accounts to alert them."
This appears to be an example of an outdated portion of a system being vulnerable to a current day attack and the information that was stored there. Unfortunately for Riot and its customers, that information was credit card data. This highlights the need for any company that processes credit cards to ensure it has the most updated POS software to keep that information secure.