The data leak affected the Roblox company, resulting in the data of approximately 4,000 employees being leaked online. For some, this includes names, addresses, birthdates, and IP addresses.

This was spotted and highlighted today by Troy Hunt, creator of Have I Been Pwned, a website that allows you to find out if your personal information has been posted online. According to Hunt on Twitter, this leak affected attendees at the Roblox developer conference, and appeared in a now-deleted forum post long enough for many bad actors to get the information.

According to PC Gamer, which examined Have I Been Pwned as part of its own reporting, the data was first extracted in December 2020, and spread around the niche spaces of Roblox around 2021, only to be posted on said forum a few days earlier.

In response, the Roblox Corporation offered employees a year’s worth of identity protection with much of the identifying information available and, according to Hunt, sent out an apology email to those minimally affected. Patchy response, even for those who get a lot of help because it’s not like their information is going to simply evaporate from the internet once a year.

Roblox has a history of leaks when it comes to upcoming items, but data breaches of this kind are not uncommon. If you are affected by such a data breach, two-factor authentication and mass password changes are recommended.

Roblox is still one of the most popular gaming platforms in the market right now, especially for those of the younger generation. Many games including Anime Journey and Tapping Legends X are played by thousands of kids every day. As such, data security is critical to protecting your user base who may not be aware of security best practices.

This time, developers, not users, were affected. We hope Roblox can cover those affected by incoming harassment and criminality.