Clash of Clans maker Supercell disclosed today that accounts on Supercell’s community forum have been hacked. Third-party sources say more than 1 million accounts were compromised.
The company said in an official statement that the breach happened in September 2016, and that the site’s forums were affected. No game accounts were affected. Supercell makes the hit games Clash of Clans, Hay Day, Clash Royale, and Boom Beach.
“We’re currently looking into report that a vulnerability allowed third party hackers to gain illegal access to some forum user information, including a number of emails and encrypted passwords,” Supercell said in its statement. “Our preliminary investigation suggests that the breach happened in September 2016 and it has since been fixed.”
The company added, “We take any such breaches very seriously and we follow very strict policies when it comes to security. Please note that this breach only affects our Forum service. Game accounts have not been affected.”
The company asked users to change their passwords as soon as possible. And it said “we also strongly advise you to change the password in any other systems you are using with the same login. As a general guideline, matching credentials should not be used on multiple sites.”
The company also apologized. LeakBase and Motherboard came up with the 1 million user account number. Supercell didn’t say how many accounts were hacked.