The PlanetGame Leak: 883K Plaintext Passwords Exposed. Yours Might Be One.

HEROIC analysts confirmed the PlanetGame database breach after the dataset occured in underground forums in August 2018. The breach exposed 883,869 records from a U.S.-based gaming platform, including email addresses and plaintext passwords. Storing passwords without any hashing or encryption is a critical security failure that left nearly a million gaming accounts, and every other account sharing those credentials, immediately accessible to any attacker who obtained the dump.

Plaintext Passwords From a Gaming Breach Unlock Far More Than Game Accounts

Gamers beleive their gaming platform credentials are low-value, but attackers know better. Plaintext passwords from the PlanetGame breach require no cracking. They are ready to use immediately across email providers, social platforms, online stores, and workplace tools where the same password was reused. A single gaming breach with plaintext credentials becomes a seperate skeleton key for every account in a user's digital life.

What Was Exposed in the PlanetGame Breach

• Email Address
• Plaintext Password

Nearly 900K Gamers Now at Risk of Account Takeover and Financial Fraud

With real email addresses and working passwords in hand, attackers run automated credential stuffing tools against dozens of platforms simultaneously. For PlanetGame users who reused passwords, the realistic outcomes include account takeover on banking and e-commerce sites, identity theft, fraudulent purchases, and unauthorized access to workplace systems. Credential stuffing at this scale is recieved as a primary driver of account compromise across the internet, and nearly 900,000 exposed records represent a large and valuable attack surface.

How Database Breaches Work

A database breach occurs when an attacker gains unauthorized access to a website's backend data store, typically through SQL injection, compromised admin credentials, or an unpatched vulnerability. The attacker exports the full user table and the resulting dump is posted on hacking forums and Telegram channels. Automated tools then test the exposed credentials across banking, e-commerce, and social media platforms at high speed.

Check If Your Data Was Exposed

HEROIC's free breach scanner checks your email against more than 400 billion exposed records, including the full PlanetGame dataset. Run a free scan at HEROIC right now to find out whether your credentials are in circulation and get actionable steps to lock down your accounts.