‘AMT Games’ Exposed Millions of Players’ Data via an Unprotected Database

  • ‘AMT Games’ left an ElasticSearch instance unprotected online and exposed 1.47 TB of data.
  • The company is making very popular mobile games that enjoy millions of downloads and impressive revenues.
  • The consequences of this exposure include scamming, phishing, spamming, targeted advertising, and account hacking.

‘AMT Games,’ a Chinese developer of several popular RTS games for Android and iOS, has failed to secure its ElasticSearch server properly, irreversibly exposing 1.47 TB of sensitive data to anyone with a web browser and a valid URL. The discovery comes from the security team of WizCase, who tried to reach AMT Games to warn the firm about the lapse but hasn't received a response. The instance was eventually taken offline, but the exposure period was long enough to call this a data breach without a doubt.

The details that have been leaked include the following:

  • Player id
  • Username
  • Country
  • Total money spent on the game
  • Facebook, Apple, and Google account data
  • Social media account link status
  • In-game transaction history
  • IP address of the buyer
  • Payment providers used
  • Feedback rating
  • User email address

All in all, scammers, phishing actors, spammers, account hackers, and social engineering specialists would have many ways to use the above details, so if you have played one of ‘AMT Games’ titles in the past, you should be aware of the increased possibility to be approached by crooks now. Some notable titles of the firm include ‘Heroes of War,’ ‘Battle for the Galaxy,’ and ‘Epic War TD 2.’

In addition to that, because the transaction data is so rich in detail, other game publishers will likely attempt to approach and lure the so-called “whales” into their ecosystem through ad bombardment or special offers. These players are highly valued and sought-after in the industry, as they play a pivotal role in the revenue of game titles.

If you are playing mobile games that you enjoy and would like to buy something, you are advised to use safe payment methods and remove them as soon as the transaction is over. Using credit cards isn’t preferable, and in this case, we see how easily this data could have been exposed. The trouble of something like that is far too great to compare with the enjoyment that comes from purchasing in-game items.

Latest
How to Watch Junior Bake Off 2023 (Season 8) Online from Anywhere
Get ready to watch juniors show off their baking skills! Junior Bake Off 2023 (Season 8) is all set to be aired!...
How to Watch How I Met Your Father Season 2 Online from Anywhere
How I Met Your Father Season 2 is set to hit the screens pretty soon. We have the premiere date, plot, cast,...
How to Watch Better Date Than Never Online: Stream the Dating Docuseries from Anywhere
Are you a docuseries lover? If so, we have a piece of exciting news! Better Date Than Never, a new six-episode series,...
For a better user experience we recommend using a more modern browser. We support the latest version of the following browsers: For a better user experience we recommend using the latest version of the following browsers: Chrome, Edge, Firefox, Safari