Connect with us


Humble Bundle suffered a mild data breach

Seriously, is anything secure online?

Humble bundle office
Image: Humble Bundle

Towards the end of November, Humble Bundle, an online merchant for games and other digital items, realized they had suffered a data breach. Now before you panic, the breach was very limited in scope and only affects Humble Monthly subscribers, current and prior.

A software bug let hackers extract information about its Humble Monthly subscribers, including if the subscription was active, inactive or paused when the plan expires, and if any referral bonuses were accrued.

Humble says that no personally-identifiable information was leaked as a result of the bug, so things like real names, billing addresses, passwords or payment details didn’t get picked up by the breach. That’s good to know, although as with all breaches – changing your password is probably the safest option here.

Be on the lookout

The official Malwarebytes blog warns Humble Bundle users to be on the lookout for phishing emails that pretend to be from the service. It’s conceivable that attackers can now target their email campaigns to those who match the Humble Monthly subscription data. They could hide dangerous links benign-looking emails warning of your subscription running out, or send offers of cheaper service if you resubscribe.

These fraudulent emails would then send you to a website the attackers set up, to steal actual login details or credit card numbers from users.

Humble bundle breach notice
Image: Game Rant

How to protect your Humble Bundle account

This breach isn’t anywhere near as bad as the recent ones involving Bethesda or Facebook, but it does show that unfortunately, we’re not always safe online.

As a reminder, never give personal information over email. Most reputable retailers have some secure way of communication on their site and users should only use official channels with any personal information.

One of the best defenses against hacking is setting up two-factor authentication (2FA) on your account. If you’re a Humble Bundle user, you can find out how to enable 2FA on your account here.

Have any thoughts on this? Let us know down below in the comments or carry the discussion over to our Twitter or Facebook.

Editors’ Recommendations:

Follow us on Flipboard, Google News, or Apple News

Maker, meme-r, and unabashed geek with nearly half a decade of blogging experience. If it runs on electricity (or even if it doesn't), Joe probably has one around his office somewhere. His hobbies include photography, animation, and hoarding Reddit gold.

Click to comment

Leave a Reply

Your email address will not be published. Required fields are marked *

Deals of the Day

More in Gaming