If you have a DOTA 2 account you might want to change your password and e-mail ASAP. According to some reports it appears as if the game may have been the victim of hackers and they've managed to dump more than 1.9 million account records.
The report indicates that while passwords were encrypted by an MD5 hash, they were taken along with usernames, e-mail addresses, user identifiers, and even source IP addresses. That's a lot of information. In fact, it wouldn't be hard for most hackers to start pairing certain e-mails and IPs to get a list of other related websites where that data may have been used for login information.
LeakedSource also has a list of the top e-mail address domains that were used by gamers for DOTA 2's registration process, showing exactly what the domain is for the majority (and minority) of users who registered for the site. At the top is Gmail, with more than a million registered users playing Valve's MOBA title; Hotmail, Yahoo and the Russian mail server all follow close behind.
We see a number of personal mail addresses used along with one of the more shocking revelations: even the DOTA 2 developers were hit. Nearly three thousand e-mail addresses using the developer mail server for DOTA 2 were pilfered by hackers.
The attack supposedly occurred on July 10th, 2016. That's a month ago to this day. Sites are supposed to report when they've been attacked to give users a heads up about the information, but this is the first time I'm hearing about this particular attack.
Valve has not made any announcements yet but I would like to assume that they will. If you have registered for DOTA 2 or used the game's forum, you can find out if your account was compromised by heading over to LeakedSource and checking keywords for your username or e-mail address. You can also have yourself removed from the database if you do happen to find your information within the LeakedSource database.
Like in all cases where these sort of attacks occur, it's highly advised to change your username and password where applicable.
It's a real shame that we live in an age where you can't even play video games without having to worry about your account information being tracked, hacked and stolen, but such are the risks that come with today's online-oriented culture.
DOTA 2 is one of the most popular free-to-play MOBA titles on the market. The e-sports tournaments are known for their massive pots, with the most recent being worth $20 million, according to a report from PC World.
Unfortunately, there isn't much else you can do to safeguard yourself from these attacks other than using throwaway user accounts and passwords that have no association with accounts that you might use for online banking, bill paying or other financial services.