Riot Games today revealed in a blog post that North American usernames, email addresses, salted password hashes, and some first and last names were accessed in a recent hack.
The developer said password files are unreadable, but gamers with easy-to-guess passwords may be at risk.
On top of this, Riot Games said it is investigating about 120,000 transaction records from 2011 that contained credit card numbers that were compromised. The developer said the payment system involved with these exposed records has not been used since July 2011.
“We are taking appropriate action to notify and safeguard affected players,” Riot Games said in a statement. “We will be contacting these players via the email addresses currently associated with their accounts to alert them. Our investigation is ongoing and we will take all necessary steps to protect players.”