because the company does not store that information online . Eurostar has yet to confirm how many people have been affected by this data breachAttack.Databreachor whether any data has been takenAttack.Databreach. The company has reported the data breachAttack.Databreachto the Information Commissioner 's Office . `` We have taken this action as a precaution because we identified what we believe to be an unauthorised automated attempt to accessAttack.Databreacheurostar.com accounts using your email address and password , '' the company told customers . `` We 've since carried out an investigation which shows that your account was logged into between the 15 and 19 October . If you did n't log in during this period , there 's a possibility your account was accessedAttack.Databreachby this unauthorised attempt . '' Customers were told to check their accounts for `` anything unusual '' and update login details on any other site where they use the same password . A Eurostar spokesman said : `` This email was sent after we identified what we believe to be an unauthorised automated attempt to access customer accounts , so as a precaution , we asked all account holders to reset their password . We deliberately never store any payment details or bank card information , so there is no possibility of those being compromisedAttack.Databreach. '' An ICO spokesman said : “ We ’ ve received data breachAttack.Databreachreport from Eurostar and are making enquiries. ” Last week , British Airways revealed that almost 200,000 further passengers may have had their personal data stolenAttack.Databreachby hackers in the September attackAttack.Databreachin what experts described as one of the biggest breachesAttack.Databreachof consumer data the UK had ever seen .
Online gaming company Reality Squared Games ( R2Games ) has been compromisedAttack.Databreachfor the second time in two years , according to records obtainedAttack.Databreachby the for-profit notification service LeakBase . The hacker who shared the data with LeakBase says the attackAttack.Databreachhappened earlier this month . Headquartered in Shenzhen , China , R2Games operates a number of free-to-play , micropayment-driven games on iOS and Android , as well as modern browsers . The company currently supports 19 online games , and claims over 52 million players . In December of 2015 , stretching into July of 2016 , more than 22 million R2Games accounts were compromisedAttack.Databreach, exposingAttack.DatabreachIP addresses , easily cracked passwords , email addresses , and usernames . The company denied the breach reports , telling one customer that `` R2Games is safe and secured , and far from being hackedAttack.Databreach. '' The hacker claims all forums were compromisedAttack.Databreach, in addition to the Russian version of r2games.com . The latest record set includes usernames , passwords , email addresses , IP addresses , and other optional record fields , such as instant messenger IDs , birthday , and Facebook related details ( ID , name , access token ) . LeakBase shared the most recent records with Troy Hunt , a security researcher and owner of the non-profit breach notification website `` Have I Been Pwned ? '' ( HIBP ) . Hunt checked the data by testing a small sample of email addresses and usernames against the password reset function on R2Games . Every address checked was confirmed as an existing account . From there , Hunt did some number crunching . There were 5,191,898 unique email addresses in the data shared by LeakBase . However , 3,379,071 of those email addresses were using mail.ar.r2games.com or mail.r2games.com ; and another 789,361 looked generated , as they were all [ number ] @ vk.com addresses . LeakBase speculates that the r2games.com addresses are the result of registrations from third-party services . After stripping the questionable addresses Hunt was left with 1,023,466 unique email addresses to load into HIBP . Of this set , 482,074 have been seen before in other breaches , leaving 541,392 new entries for his index – and new notifications for 1,105 subscribers . When asked about the passwords , Hunt told Salted Hash many of them are MD5 with no salt , but a large number of them have a hash corresponding to the password `` admin '' and a few hundred thousand others are using the plain text word `` sync '' . `` The observation I 'd make here is that clearly , they do n't seem to be learning from previous failures . The prior incident should really have been a wake-up call and to see a subsequent breach not that long after is worrying . Perhaps the prior denials are evidence that they just do n't see the seriousness in security , '' Hunt said , when asked his opinion about the latest R2Games data breachAttack.Databreach. Salted Hash reached out to R2Games , but the company did n't respond to questions . Emails were sent to support , as well as recruiting and sales , on the off chance someone could direct them to the proper resources . For their part , LeakBase said since this data breachAttack.Databreachis n't in the public domain , they will not add the records to their service and it will not be searchable . However , they do plan to email impacted users and inform them of the incident . HIBP has been updated , and those changes are live now . If you 're an R2Games player , it might be wise to change your password and make sure the old password is n't used on any other websites . Also , keep an eye out for gaming related offers and emails , as well as `` notifications '' from domains that are n't related to R2Games itself - as those could be scammers looking to cash-in on the breach . While the hacked data is n't public yet , there 's nothing preventing the person who shared it with LeakBase from selling it or trading it .