A hacker apparently bribed a Roblox worker to get their hands on user data.
That's according to Motherboard, which reports that the member of staff passed on the personal data of Roblox's users. This allowed the hacker to see user email addresses, change passwords as well as remove two-factor authentication from accounts. Oh, they could also ban users.
The hacker told Motherboard that they only accessed a few accounts, and did this to prove a point to Roblox.
"We immediately took action to address the issue and individually notified the very small amount of customers who were impacted," a Roblox spokesperson said.
The company has passed on information about this incident to the HackerOne bug bounty platform.
They added: "We’ve also reported the actions of this individual to HackerOne for investigation as an additional measure.
Roblox is a wildly popular online platform that's predominantly used by kids. The company was valued at $4bn in February 2020. At the time, the firm said it has 115m monthly active users, an increase on the 90m it boasted in April 2019. Users apparently spend 1.5bn hours playing games on the platform each month.
In March, the Bloxy Awards drew 600,000 users, with four million concurrent users logging in to the Roblox platform.