Nexus Mods reports Security Breach - Users told to change passwords

A 'small number of user records' have been accessed

Nexus Mods reports Security Breach - Users told to change passwords

Nexus Mods reports Security Breach - Users told to change passwords

Nexus Mods, the popular game modding website, has confirmed that they suffered a security breach in November, where a 'potentially malicious third-party actor' exploited the site using its legacy codebase. 

This security breach occurred on November 8th, where a "small number of user records" have been accessed. These records include email addresses, password salts and hashes. As a precaution, Nexus Mods has asked its users to log out of their website and log in again to change their password. 

Nexus Mods has brought forward the release of its "long-planned new user service" to ensure that the site's legacy codebase can no longer be used to access user data. This move will enhance the protection of passwords and other user data. Moving to this service will require a new password, which will make any leaked information for the company's November breach out of date. 

The following recommendations have been released by Nexus Mods. 

General Recommendations

- If you haven’t already, please log out and back in, in order to update your account and password and migrate to the new user service. If you’ve already used the new user service, then there is no need to change your password again.

- If you were using the same password you had on our old user service on other sites, please, change your password on these other sites as soon as possible.

- We strongly recommend using a password manager and to not reuse passwords across sites.

- Always use unique and strong passwords of at least 12 characters for each service you use.

- Consider using Two-Factor Authentication, especially if you are a mod author.


Nexus Mods reports Security Breach - Users told to change passwords  

Nexus Mod users should immediately change their passwords, and ensure that the same password isn't used on other websites. This will ensure that your online accounts remain safe. 

You can join the discussion on Nexus Mods' security breach on the OC3D Forums

«Prev 1 Next»

Most Recent Comments

20-12-2019, 15:36:36


Thanks for the heads up Mark, I had hell last time this happened.Quote

Register for the OC3D Newsletter

Subscribing to the OC3D newsletter will keep you up-to-date on the latest technology reviews, competitions and goings-on at Overclock3D. We won't share your email address with ANYONE, and we will only email you with updates on site news, reviews, and competitions and you can unsubscribe easily at any time.

Simply enter your name and email address into the box below and be sure to click on the links in the confirmation emails that will arrive in your e-mail shortly after to complete the registration.

If you run into any problems, just drop us a message on the forums.