Skip to main content

Long read: The beauty and drama of video games and their clouds

"It's a little bit hard to work out without knowing the altitude of that dragon..."

If you click on a link and make a purchase we may receive a small commission. Read our editorial policy.

Magic the Gathering and MTG Arena users urged to change passwords following data breach

"We have no reason to believe that any malicious use has been made of the data."

The creators of Magic the Gathering have contacted MTG Arena and Magic Online players following a data breach that leaked users' names, email addresses, and passwords.

In an email sent to those affected by the incident, Wizards of the Coast explained that an internal database from a "decommissioned version of the WotC login" was accidentally "made accessible" online. While the incident has reportedly been described as isolated and WotC has no reason to believe "that any malicious use has been made of the data", information was nevertheless obtained outside the company.

Furthermore, it's reported no payment or financial information was at risk, and passwords were stored securely in an encrypted form, so it's unlikely they can be extracted for malicious purposes.

"Dear Wizards community, we are writing to let you know of a recent security incident at Wizards of the Coast," WotC said (thanks, Dotesports). "On Nov. 14, we learned that an internal database file from a decommissioned version of the WotC login had inadvertently been made accessible outside the company.

"We believe this was an isolated incident related to a legacy database and is unrelated to our current systems. Based on our current investigation, we have no reason to believe that any malicious use has been made of the data."

As a precautionary measure, WotC is asking all players to update their passwords over the next seven days. If you're unable to do so, WotC will reset it for you.

Watch on YouTube