E-Sports Entertainment Association ( ESEA ) , one of the largest competitive video gaming communities on the planet , was hacked last December . As a result , a database containing 1.5 million player profiles was compromised . On Sunday , ESEA posted a message to Twitter , reminding players of the warning issued on December 30 , 2016 , three days after they were informed of the hack . Sunday ’ s message said the leak of player information Attack.Databreach was expected , but they ’ ve not confirmed if the leaked records Attack.Databreach came from their systems . Late Saturday evening , breach notification service LeakedSource announced the addition of 1,503,707 ESEA records to their database . When asked for additional information by Salted Hash , a LeakedSource spokesperson shared the database schema , as well as sample records pulled at random from the database . Learn about top security certifications : Who they 're for , what they cost , and which you need . However , in all , there are more than 90 fields associated with a given player record in the ESEA database . While the passwords are safe , the other data points in the leaked records could be used to construct a number of socially-based attacks , including Phishing Attack.Phishing . Players on Reddit have confirmed their information was discovered in the leaked data . A similar confirmation was made Twitch ’ s Jimmy Whisenhunt on Twitter . The LeakedSource spokesperson said that the ESEA hack was part of a ransom scheme Attack.Ransom , as the hacker responsible demanded Attack.Ransom $ 50,000 in payment Attack.Ransom . In exchange for meeting their demands , the hacker would keep silent about the ESEA hack and help the organization address the security flaw that made it possible . In their previous notification , ESEA said they learned about the incident Attack.Databreach on December 27 , but make no mention of any related extortion attempts Attack.Ransom . The organization reset passwords , multi-factor authentication tokens , and security questions as part of their recovery efforts . We ’ ve reached out to confirm the extortion attempt Attack.Ransom claims made by the hacker , as well as the total count for players affected by the data breach Attack.Databreach . In an emailed statement , a spokesperson for ESL Gaming ( parent company to Turtle Entertainment ) confirmed that the hacker did in fact attempt to extort money Attack.Ransom , but the sum demanded Attack.Ransom was `` substantially higher '' than the $ 50,000 previously mentioned . The company refused to give into the extortion demands Attack.Ransom , and went public with details before the hacker could publish anything . The statement also confirms the affected user count of 1.5 million , and stressed the point that ESEA passwords were hashed with bcrypt . When it comes to the profile fields , where more than 90 data points are listed , ESL Gaming says those are optional data points for profile settings . `` We take the security and integrity of customer details very seriously and we are doing everything in our power to investigate this incident , establish precisely what has been taken , and make changes to our systems to mitigate any further breaches . The authorities ( FBI ) were also informed and we will do everything possible to facilitate the investigation of this attack , '' the message from ESL Gaming concluded . `` Based on the proof provided to us by the threat actor of possession Attack.Databreach of the stolen data , we were able to identify the scope of the data that was accessed Attack.Databreach . While the primary concern and focus was on personal data , some of ESEA ’ s internal infrastructure including configuration settings of game server hardware specifications , as well as game server IPs was also accessible Attack.Databreach . Due to the ongoing investigation , we prioritized customer user data first , '' the statement explains . In the days that followed that initial contact , ESEA worked to secure their systems , and the hacker kept making demands . On January 7 , ESEA learned the hacker also exfiltrated Attack.Databreach intellectual property from the compromised servers