World's Largest Online Chess Platform Hacked

Chess.com – a popular online chess platform with over 100 million users – has just announced that it was affected by a data breach involving a third-party application.

 

According to Bleeping Computer, Chess.com sent a notice to some customers stating that the service was indirectly affected by a security incident that occurred with a file transfer application that the platform uses. The incident occurred between June 5 and 18 of this year, and Chess.com discovered it on June 19.

Chess.com immediately notified the authorities and invited cybersecurity experts to investigate and isolate the impact. The results showed that data from about 4,500 users was exposed, possibly including personally identifiable information (PII), but no financial data was accessed.

Out of a total of 100 million users, 4,500 accounts for only about 0.0045%. However, Chess.com is still offering affected customers free credit monitoring and identity theft prevention services for two years, with a subscription deadline of December 3, 2025.

The platform stressed that only the third-party file transfer application was affected, while Chess.com's internal infrastructure remained secure. There have been no reports of leaked data appearing online or being exploited by malicious actors.

In November 2023, Chess.com suffered a similar cybersecurity incident, in which over 800,000 user records were stolen from their website using an API exploit and then posted to a hacking forum.