Games platform Roblox has experienced a pretty substantial data leak.
That's according to Haveibeenpwned.com boss Troy Hunt, who reported that the breach involves the names, phone numbers, email addresses, date of birth and physical addresses of around 4,000 people in attendance of the Roblox Developers Conferences between 2017 and 2020.
Haveibeenpwned says that the leak initially took place in 2021, but its existence was not widely reported on. Roblox appears to have not disclosed the breach, too, which appears to be a violation of Californian state law.
“Roblox has now contacted everyone affected," the firm wrote in a statement to Hunt.
"Minimally affected users just got a sorry email. For more seriously affected users they got a year of identity protection and an apology for everyone else.”
In a separate statement to PC Gamer, the firm said: "Roblox is aware of a third-party security issue where there were indications of unauthorised access to limited personal information of a subset of our creator community. We engaged independent experts to support the investigation led by our information security team. Those who are impacted will receive an email communicating the next steps we are taking to support them. We will continue to be vigilant in monitoring and vetting the cyber security posture of Roblox and our third-party vendors."