Riot Games, Inc. Data Breach (2012)

Security breach at Riot Games results in exposure of some personal information and salted passwords. Here's how he claimed it happened: During their first bout of bruteforcing passwords in the 2012 North America attack, Duffy's group obtained details for a senior staff member. Aware of the breach, Riot told its employees to change their passwords, but Duffy claims this one employee did not. Through this account, the group was able to access Riots servers. Once inside, they dropped in backdoor software that gave them ongoing access to the servers. Riot didnt detect the backdoor until one of his colleagues got "sloppy," Duffy said. By then, the group had access to the first 24.5 million accounts, in chronological order of creation.