Overview
- Have I Been Pwned added the leak to its database on June 1–2 after an attacker posted an alleged Atlas Menu database to GitHub that contains roughly 64,000 user records.
- The exposed fields include email addresses, usernames, IP addresses, support tickets, and passwords that were stored as bcrypt hashes.
- Bcrypt hashing reduces the chance of immediate plaintext password theft but does not eliminate risk if implementation, salts, or cost factors are weak and support tickets and IPs can still be used for doxxing or phishing.
- Atlas Menu’s website is offline and its operators have not responded to requests for comment, and it is unclear whether affected users have been notified or what remediation steps have been taken.
- The breach highlights recurring risks in the gaming ecosystem where commercial cheat and mod services operate outside publisher rules and have been targeted in past incidents, raising legal exposure for providers and privacy vulnerability for their customers.