Teenpatti.com and (Mobile Premier League)Mpl.live, two prominent online gaming platforms in India, may have experienced a data breach. Allegedly, a cybercriminal known as ‘roshtosh’ has put up for sale data claimed to be stolen from these platforms.
The online gaming data breach, disclosed on January 22, 2024, following the threat activity on January 20, 2024, has raised serious concerns about the security of user information on online gaming sites.
The threat actor, identified as ‘roshtosh’, announced the breach on the nuovo BreachForums. According to the perpetrator’s claims, the databases of teenpatti.com and mpl.live contained 400,000 and 508,000 records, respectively.
These records exposed in the online gaming data breach, reportedly include highly sensitive personally identifiable information (PII) like names, email addresses, phone numbers, and physical addresses of the platforms’ users.
The attack’s impact extends across India and resonates throughout the Asia-Pacific region, underlining the growing threat of cyberattacks in this area.
While the alleged data breach at Teenpatti.com and Mpl.live remains unconfirmed, the team at The Cyber Express has initiated contact with these firms for confirmation and additional information regarding the incident.
This situation, involving two prominent online gaming platforms, highlights the pressing need for security measures within the digital domain, especially in sectors like gaming that manage large volumes of personal user data.
There is a critical need for enhanced security protocols and vigilant monitoring to safeguard user data against such malicious activities.
In light of the reported data breach concerning Teenpatti.com and Mpl.live, it’s crucial for users of these online gaming platforms to exercise increased caution and vigilance.
The gaming industry has experienced a significant rise in cyberattacks, with over 4 million attacks targeting gamers between July 2022 and July 2023.
These attacks predominantly affected the mobile gaming community, which comprises a substantial portion of the global gaming population. The attacks were diverse in nature, with popular games like Minecraft, and Roblox being employed as bait.
For instance, Minecraft players in Indonesia were targeted by a Trojan.AndroidOS.Pootel.a attack, while Roblox users on Android faced threats from SpyNote, a spy Trojan with extensive spying capabilities, including keylogging and screen recording.
Phishing and counterfeit distribution pages have also posed significant threats to gamers. These malicious pages often masquerade as popular games and are distributed through third-party websites offering pirated versions, leading to harmful or unrelated content being downloaded by unsuspecting users.
In addition to these targeted attacks, the gaming industry has also been affected by sophisticated ransomware groups like BlackCat, known for their double extortion attacks. This group has been particularly active, leveraging various methods to infiltrate networks, including exploiting known vulnerabilities and social engineering.
The ransomware-as-a-service (RaaS) model, as used by BlackCat, allows these groups to scale their operations significantly. Another concerning trend is the rise of double extortion and encryption-less ransomware attacks, where data is exfiltrated and threatened to be published if ransoms are not paid.
The impact of these attacks on users is multifold. In addition to the immediate threat of personal data exposure and financial loss, there’s a long-term erosion of trust in the gaming platforms. The attacks highlight the critical need for robust cybersecurity measures within the gaming community to protect against such sophisticated threats.
Gamers are advised to download games only from official stores and be cautious of phishing campaigns and unfamiliar sources. Employing strong, reliable security solutions and staying updated on the latest cybersecurity practices are essential steps in safeguarding against these threats.
Media Disclaimer: This report is based on internal and external research obtained through various means. The information provided is for reference purposes only, and users bear full responsibility for their reliance on it. The Cyber Express assumes no liability for the accuracy or consequences of using this information.
US DOJ charges 3 people for attempting to smuggle $170 million worth 'America-made' AI tech to China.
Node.js resolves CVE-2026-21637 and other flaws, addressing DoS risks, HTTP errors, and permission bypass issues across versions 20.x–25.x.
A forensic investigation is currently underway to determine how the attackers gained access and whether any data has been compromised.
US presents in Austin Court, an Armenian national behind RedLine Infostealer campaign.
Kali Linux 2026.1 delivers BackTrack mode, MetasploitMCP, new tools, kernel 6.18, NetHunter updates, and key fixes for security testing workflows.
FlexPLM vulnerability exposes systems to Remote Code Execution. Discover affected versions, risks, and mitigation steps to secure systems.
This website uses cookies. By continuing to use this website you are giving consent to cookies being used.
Read More