cyber daily logo

Breaking news and updates daily. Subscribe to our Newsletter

Breaking news and updates daily. Subscribe to our Newsletter X facebook linkedin Instagram Instagram

Roblox third party suffers data breach, conference attendees affected

Major online game platform Roblox has revealed that attendees of its Roblox Developer Conference for the last three years have been impacted by a data breach.

user icon Daniel Croft
Tue, 09 Jul 2024
Roblox third party suffers data breach, conference attendees affected
expand image

While the game has over 200 million active players, the data breach affected those who registered to the Roblox Developer Conference in 2022, 2023 and/or 2024.

The breach didn’t affect Roblox itself, but FNTech, the vendor Roblox used to manage its conference registrations.

“A Roblox vendor recently notified us that there had been unauthorised access to a subset of Roblox user information from a 2022–2024 Roblox Developer Conference registration list via its website,” said Roblox in a statement.


“Your personal information in the categories below may have been included among the accessed data:

“Registered name, email and IP address.”

FNTech has yet to release a public statement on the matter. Cyber Daily has reached out to FNTech requesting comment or a statement.

The threat actor behind the incident is currently unknown.

The incident is far from the first suffered by Roblox, with the platform’s massive player count attracting threat actors.

The Roblox Developer Conference has suffered incidents in the past, with attendees of the conference between 2017 and 2021 having had their personal data leaked, according to a source speaking with Have I Been Pwned’s Troy Hunt on 18 July 2023.

By 20 July, Roblox had addressed the incident, saying it had contacted those affected.

Roblox is aware of a third-party security issue where there were indications of unauthorised access to limited personal information of a subset of our creator community. We engaged independent experts to support the investigation led by our information security team,” the company wrote on 24 July.

“Those who were impacted have received an email communicating the next steps we are taking to support them. We will continue to be vigilant in monitoring and vetting the cyber security posture of Roblox and our third-party vendors.”

A month later in August, Roblox developers were targeted with information-stealing malware. The malware, known as “Luna Grabber”, was disguised as commonly used open-source software, tricking the developers into downloading it.

Daniel Croft

Daniel Croft

Born in the heart of Western Sydney, Daniel Croft is a passionate journalist with an understanding for and experience writing in the technology space. Having studied at Macquarie University, he joined Momentum Media in 2022, writing across a number of publications including Australian Aviation, Cyber Security Connect and Defence Connect. Outside of writing, Daniel has a keen interest in music, and spends his time playing in bands around Sydney.

cyber daily subscribe
Be the first to hear the latest developments in the cyber industry.