League of Legends, Teamfight Tactics source code stolen, Riot says

Riot Games has announced that hackers stole the source code files for League of Legends and Teamfight Tactics in a security breach last week.

According to Riot, the stolen source code contains some undisclosed prototypes and “experimental features” that might not be released. The developer said this incident directly impacted its teams’ ability to release game patches.

“Nothing that would have been in 13.2 will be cancelled, we might just have to move things that can’t be hotfixed (e.g. art changes) to a later date instead.”

Andrei van Roon, head of League Studio

Head of League Studio Andrei van Roon said they would not cancel the release of Patch 13.2 for LoL, but they might need to move some things they could not fix to a later date.

$10 million ransom

The hackers demanded $10 million from Riot as ransom. Should the company comply, the hackers promised to remove the code from their servers and provide insight into how they breached Riot’s security. The hackers also said they would offer advice to prevent future security breaches.

To prove they had access to LoL source code files, the hackers sent Riot an email with two PDF files showing directories related to the game’s code. In the same email, the perpetrators included a link to a Telegram group chat where the company could speak with them. Some of the members’ usernames listed on the group chat appear to match the names of Riot employees.

They gave Riot 12 hours to decide, saying that if the company did not comply, the source code and the extent of the breach would be made public. However, the company said it would not give in to the hackers’ demands.

“Over the weekend, our analysis confirmed source code for [League of Legends], [Teamfight Tactics], and a legacy anticheat platform were exfiltrated by the attackers,” Riot said on Twitter. “Today, we received a ransom email. Needless to say, we won’t pay.”

In the aftermath of the incident, Riot reassured that no personal player data was compromised. However, the developer warned that the attack could cause new cheats to appear in its games.

Ongoing investigation

Riot said it was working with law enforcement and external consultants to investigate the incident. It said it would release a full report later.

Before Riot, there had been several cases of major video game developers and companies experiencing security breaches last year.

One of these video game studios, 2K Games, reported an attack on its support services that had infected several customers with malware in September 2022. In October of the same year, 2K warned its users that some of their information was stolen and sold online.

Also, in September 2022, a hacker attacked Rockstar Games and leaked unpublished videos of the unreleased Grand Theft Auto VI and source code files for Grand Theft Auto V and Grand Theft Auto VI.

The hacker claimed they were also responsible for the attack on Uber in the same month. The company was adamant that the hacker was associated with the Lapsus$ extortion group, infamous for attacking several other high-profile companies like Microsoft, Cisco, Ubisoft and Samsung.

Uber said that the hacker had used the stolen credentials of an Uber EXT contractor to overwhelm the target with two-factor authentication (2FA) login requests until the target accepted one of them.