League of Legends players in North America may have had some of their account information accessed. In a post today, Riot Games' Brandon Beck and Marc Merrill stated that account information like email addresses and usernames was accessed along with salted password hashes, though the reason behind the compromise was not mentioned. 120,000 transaction records dating back to 2011 may also have been accessed, but while those records did include credit card information it was thankfully hashed and salted as well. Nevertheless, the company is notifying affected players so they can take appropriate action.
As for the broader issue, Riot Games will be requiring all users in North America to change their passwords. Two new security features — email verification and two-factor authentication — have also been announced, though they are said to be "in development" and no specific time for their rollout is given. As is the case with any breach, this latest incident serves as yet another reminder of the importance of vigilance when it comes to security — even if it's just picking a password for your favorite game.