14 DAY TRIAL // Disney announced on Friday via a statement on its website that it shut down the Playdom Forums after it had detected a data breach at the start of the month.
According to Disney's statement, the company learned on July 12 that an attacker breached the playdomforums.com servers on July 9 and then on July 12.
The Playdom Forums are Disney Interactive's official forums for games such as Star Wars: Commander, Marvel: Avengers Alliance (MAA), Marvel: Avengers Alliance Mobile (mMAA), and Disney Hidden Worlds (HW).
Over 356,000 users affected
According to the forum's latest statistics section, 356,000 had registered on the platform.
Disney reported that the attacker had accessed sections of the server that allowed him to steal user data such as usernames, email addresses, and passwords.
Additionally, the attacker made off with the IP addresses users used to register on the site. Fortunately for affected users, Disney did not store any other personal information such as IP addresses or Social Security numbers.
Playdom Forums running on vBulletin platform
The company has contacted authorities and has shut down the forums while it investigates the breach. Playdom Forums ran on the vBulletin forum software, and by the looks of an older Internet Archive snapshot, the forum seemed to be running on the old v4 platform, considered insecure.
Disney says it invalidated all user passwords and launched new forums with better security features. Two separate forums have been made available for players of Marvel Avengers Alliance and Star Wars Commander.
It is currently unknown if the Playdom Forums will make a comeback, or Disney will continue with the separate forums it has set up in the meantime.
Since password reuse is a recurring issue among Internet users, Disney recommends that all Playdom users who reused their password on other platforms go through the process of updating those accounts to avoid any potential issues.