Game streaming giant Shadow confirms data breach, users personal info stolen

News
By published

Employee played a compromised game on a computer with access to sensitive information

A white padlock on a dark digital background.
(Image credit: Shutterstock.com)

Shadow PC, which allows users to run demanding PC games on a lower-end device, has confirmed it suffered a security breach that saw unnamed attackers steal enough user data to run phishing attacks, identity theft, and more. 

The stolen data includes full customer names, email addresses, dates of birth, billing addresses, and credit card expiration dates. More than 500,000 customers were affected by this incident. 

Account passwords and payment data were not accessed, the company confirmed.

Highly sophisticated attack

The company reached out to affected customers to explain what had happened, describing the attack as “sophisticated”. In the breach notification letter, Shadow PC said one of its employees was a “victim of a social engineering attack” at the end of September.

"This highly sophisticated attack began on the Discord platform with the downloading of malware under cover of a game on the Steam platform, proposed by an acquaintance of our employee, himself a victim of the same attack." When this employee infected their computer with malware, it stole (among other things, presumably) an authentication cookie that allowed the attackers to log into a software-as-a-service (SaaS) tool the company used.

Since then, Shadow revoked the authentication cookie, effectively locking the threat actors out of its systems. Shadow also said it introduced “additional measures” to make sure incidents like these don’t happen again.

While Shadow was busy dealing with the aftermath of the breach, a hacker took to a popular dark web forum to claim responsibility for the attack. They said that a total of 533,624 users have had their data stolen, and claimed they tried to come to an agreement with Shadow, which the company “deliberately ignored”. Now, they’re selling the database. The media were not able to independently confirm if the database was legitimate or not.

Via BleepingComputer

More from TechRadar Pro

TOPICS
Sead Fadilpašić

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.

Read more
malware
Valve advises full system reset if you've downloaded this Steam game containing malware
A digital themed isometric showing a neon padlock in the foreground, and a technological diagram of a processor logic board in the background.
Major breach hits employee screening firm - 3.3 million affected as hackers steal DISA data
A computer being guarded by cybersecurity.
Wacom warns users their data may have been stolen in breach
A man looking at a tablet with a brown Best Buy package on the desk in front of him
Huge Christmas data breach - 14 million shipping records leaked, putting shoppers at risk
Computer Hacked, System Error, Virus, Cyber attack, Malware Concept. Danger Symbol
Google Chrome extensions targeted by hackers to steal user passwords
Someone holding a passport with two boarding passes inside it
Top digital loan firm security slip-up puts data of 36 million users at risk
Latest in Security
UK Prime Minister Sir Kier Starmer
The UK releases timeline for migration to post-quantum cryptography
Image depicting a hand on a scanner
Hackers are targeting unpatched ServiceNow instances that exploit 3 separate year-old vulnerabilities
ransomware avast
Ransomware attacks are costing Government offices a month of downtime on average
Lock on Laptop Screen
Data breach at Pennsylvania education union potentially exposes 500,000 victims
Data leak
Top collectibles site leaks personal data of nearly a million users
Spyware
Stalkerware data breach potentially hits over 2 million users, including thousands of Apple devices
Latest in News
The new Dr. Squatch Call of Duty collection.
Latest Call of Duty collaboration finally lets you rub your body with Soap - and I can't believe I just wrote that
The Samsung Galaxy S21 series of phones lying face down.
Samsung announces One UI 7 is coming to older phones after all, but the launch is still a mess
Using Zipped files and folders in Windows 11
Windows 11 should soon be faster at extracting files from compressed ZIPs – and it’s about time, frankly
The player prepares for a fight in Metal Eden.
I loved the bits of Metal Eden that I played and soon you'll be able to try it too thanks to this upcoming free demo
Apple iPhone 16 Pro HANDS ON
The iPhone 18 might get a major chip upgrade after all
UK Prime Minister Sir Kier Starmer
The UK releases timeline for migration to post-quantum cryptography
More about security
Image depicting a hand on a scanner

Hackers are targeting unpatched ServiceNow instances that exploit 3 separate year-old vulnerabilities
UK Prime Minister Sir Kier Starmer

The UK releases timeline for migration to post-quantum cryptography

The new Dr. Squatch Call of Duty collection.

Latest Call of Duty collaboration finally lets you rub your body with Soap - and I can't believe I just wrote that
See more latest
Most Popular
The new Dr. Squatch Call of Duty collection.
Latest Call of Duty collaboration finally lets you rub your body with Soap - and I can't believe I just wrote that
Image depicting a hand on a scanner
Hackers are targeting unpatched ServiceNow instances that exploit 3 separate year-old vulnerabilities
The Samsung Galaxy S21 series of phones lying face down.
Samsung announces One UI 7 is coming to older phones after all, but the launch is still a mess
The player prepares for a fight in Metal Eden.
I loved the bits of Metal Eden that I played and soon you'll be able to try it too thanks to this upcoming free demo
Attacking an enemy in FBC: Firebreak.
I can't wait to obliterate legions of sticky notes in FBC: Firebreak
Using Zipped files and folders in Windows 11
Windows 11 should soon be faster at extracting files from compressed ZIPs – and it’s about time, frankly
Philips Hue
Setting up your Philips Hue lights is now quicker and easier than ever thanks to the latest app update
Apple iPhone 16 Pro HANDS ON
The iPhone 18 might get a major chip upgrade after all
Apple Intelligence Bella Ramsey ad
The Bella Ramsey Apple Intelligence ad that disappeared, and why Apple is now facing a false advertising lawsuit
System Shock 2: 25th Anniversary Remaster
System Shock 2: 25th Anniversary Remaster is coming this year, and I can't wait to be creeped out by SHODAN all over again