Roll20

In 2018, Roll20, a popular online tabletop role-playing game platform, experienced a data breach that compromised the personal information of its users. The leak affected 3,994,436 records and exposed sensitive data such as email addresses, IP addresses, real names, partial credit card details, and passwords.

The breach occurred due to a vulnerability in Roll20s password reset functionality. Attackers exploited this vulnerability to gain unauthorized access to the platforms database and steal the user information. Roll20 has since taken steps to address the vulnerability and improve the security of its platform.