vPnMentor’s research team discovered a data breach belonging to Chinese mobile gaming company EskyFun.
EskyFun was using an unsecured server to store vast amounts of data collected from users on its games. Much of this data was incredibly sensitive, and there was no need for a video game company to be keeping such detailed files on its users.
Furthermore, by not securing the data, EskyFun potentially exposed over 1 million people to fraud, hacking, and much worse.
EskyFun Entertainment Network Limited is a Chinese mobile game publisher with numerous gaming titles available on Android. Their games are a mix of role-playing and fantasy adventures that, combined, have over 1,500,000 downloads.
vpnMentor discovered EskyFun’s unsecured database in early July. Once they had confirmed the details of the leak, and EskyFun as the responsible party, they reached out to the company immediately. After a couple of weeks with no reply, they sent a follow-up email and contacted the Hong Kong CERT.*
Hong Kong CERT was rapid and proactive in its response, seeking additional information to take appropriate measures. However, at this point, the database was secured, and the breach had been closed.
The records included IP and IMEI numbers, device information, phone numbers, the OS in use, mobile device event logs, whether or not a handset was rooted; game purchase and transaction reports, email addresses, EskyFun account passwords stored in plaintext, and support requests, among other data.
Runtime Logs: 217M+
Run time logs contained all kinds of data, some of which were incredibly sensitive.
Even in the small sample, the team still found the following records on users:
- Email addresses
- Plain text passwords for EskyFun accounts
- Support requests
- Much more
Tracking Records: 15M+
EskyFun’s game apps appeared to track any actions taken while they’re open. The resulting records contained a lot of sensitive information, including:
- IP address
- IMEI number
- Mobile application package doing the tracking
- Device screen size – whether a device is ‘rooted’*
- Device model
- Phone number (if any)
- Platform (Android/iOS)
- NetType (WiFi or cellular)
- Events (open,login,level_up, etc)
For complete details visit the vpnMentor’s blog