RNB4U

We've observed a persistent trend of older breaches resurfacing in underground communities, often years after the initial incident. What caught our attention wasn't the size of this particular breach, but rather the fact that passwords were stored in plaintext. In today's threat landscape, this is an egregious security lapse that significantly amplifies the risk to affected users. The data had been circulating quietly for some time, but we noticed a spike in mentions across several dark web forums, prompting a closer look.

RNB4U's 2.2M User Credentials Exposed in Plaintext

In August 2018, a data breach at Fantase Game, operating under the name RNB4U, exposed over 2.2 million user records. The breach, which involved a compromised database, resulted in the leakage of both email addresses and, more concerningly, plaintext passwords. The data was first observed on several underground forums around August 26, 2018, but has recently resurfaced, generating renewed interest among threat actors.

The fact that passwords were stored in plaintext is a critical issue. Unlike hashed passwords, which require significant computational power to crack, plaintext passwords can be immediately used to compromise user accounts. This dramatically increases the likelihood of successful credential stuffing attacks across other platforms where users may have reused the same credentials. This breach matters to enterprises because it underscores the enduring risk posed by legacy security vulnerabilities and the potential for old breaches to fuel new attacks. It's a stark reminder that even seemingly outdated incidents can have significant repercussions if the exposed data remains unaddressed.

Key point: Total records exposed: 2,269,829

Key point: Types of data included: Email Address, Plaintext Password

Key point: Sensitive content types: Credentials

Key point: Source structure: Database

Key point: Leak location(s): Dark web forums

Key point: Date of first appearance: August 26, 2018

Cybernews covered the RNB4U breach in 2018, detailing the timeline and impact on users. They highlighted the severity of storing passwords in plaintext, emphasizing the increased risk of account takeovers and identity theft. The breach also aligns with a broader trend of gaming platforms being targeted by malicious actors, as noted in various threat reports focusing on the gaming industry's vulnerability to cyberattacks. One Telegram post claimed the leaked database was being actively traded among credential stuffing groups.

Email · Address · Plaintext · Password