HaveIbeenpwned is telling its readers who might have an account with Facepunch that the game studio suffered a breach two years ago exposing their information.
Troy Hunt’s data breach site reported that in June 2016 Facepunch was breached exposing 343,000 users. The compromised data included usernames, email and IP addresses, dates of birth and salted MD5 password hashes.
Facepunch told HaveIbeenpwned that it was aware of the incident and had informed its users at the time.
However, responses posted to HaveIbeenpwned Twitter page are telling a different story. Several people who said they have a Facepunch account stated they were never told.
An attempt to contact Facepunch through its Twitter account has so far been unsuccessful.