Riot Games has finally started to contact those affected by its store security bug, nearly two weeks after the incident occurred.
The issue, which coincided with the launch of the Welcome to the Jungle event, affected around 250 people in Europe. Customers were accidently logged in as another person from the EU store and, if they wanted to view it, they had access to that person’s personal information.
In an email sent out by Riot, the company went into detail about what another person may have been able to see during the small window that the incident occurred. Information such as Summoner Names, partial email addresses, and personal information such as telephone numbers and addresses could have been accessed.
Riot was keen to stress, however, that passwords, credit card numbers, and any bank or payment information could not have been seen during the small window, as Riot does not store that information on its website.
If anyone has saved the personal information and attempts to defraud a customer, Riot has promised to take disciplinary action. The developer will continue to monitor everyone involved to see if they try to use another person’s details.
Riot has since stressed that players should look to reset their passwords as soon as possible, just as a fail safe. Anyone that was affected by the bug should have received an email to reset their password on Riot’s Merch Store. Riot Games is also offering Summoner Name changes to anyone affected, at no additional charge.