- Chess.com discloses June 2025 cyberattack which exposed data of 4,541 users
- Hackers exploited a vulnerable third-party file transfer tool; core systems weren’t breached
- No logins or payment data were stolen; victims get free identity theft and credit monitoring
Chess.com, the biggest and most popular chess game online platform, has confirmed suffering a cyberattack in which it lost sensitive information on a small fragment of its user base.
In a data breach notification filed with the Maine Attorney General’s Office, the company said the incident occurred on June 5, and was spotted roughly two weeks later, on June 19.
In total, 4,541 people were exposed, out of 200 million+ of Chess.com’s registered users.
Infrastructure intact
The hackers, who weren’t named in the report, managed to steal the data through a third-party managed file transfer tool Chess.com used.
The company did not want to say which one it was, but Recorded Future News found two popular brands of file transfer tools – Wing FTP and CrushFTP, both reporting “severe vulnerabilities” in July 2025, which the customers were urged to patch.
The company also stressed that its code and infrastructure remained intact, and that so far there was no evidence that the stolen files were abused in the wild.
It’s not known what kind of information they stole, apart from people’s names – as Chess.com only confirmed banking information and login details were not compromised.
So far, no one claimed responsibility for the attack.
Chess.com did what most companies do in the aftermath of a cyberattack – hired a third-party cybersecurity team, launched an investigation, notified relevant authorities, and alerted affected individuals. It is also offering free identity theft and credit monitoring for the victims.
The platform was founded in 2007 and has since grown to become the number one place for Chess lovers. Beyond gameplay, Chess has a huge social component: players can join clubs, chat, and follow streamers or grandmasters. The platform has apps for web, iOS, and Android, and offers a mix of casual play, training tools, and professional broadcasts.
Via BleepingComputer
You might also like
https://cdn.mos.cms.futurecdn.net/rVvSiMd5XGd2PY7h4NijSL.jpg
Source link
