League of Legends exploit allows access to user accounts

League of Legends players took to Reddit to discuss an exploit affecting several users. The exploit in question seems to grant hackers access to the game's store, not using the intended game client, but a web browser. With that, the hacker can then access a user's "Summoner ID" and a token, allowing him to make IP (Influence Points) and RP (Riot Points) transactions.

A Riot Games representative already replied on Reddit regarding this issue, stating the following:

"We're getting this fixed right now, though we can't speak to the specifics of the exploit or the explanations fellow Redditors have been offering. What we can say is that we can see everyone who was hit by an attack, and we'll be returning all RP/IP that was lost."

The same representative also assured the exploit does not expose any personal information, like credit card numbers. Some users reported that a similar problem already happened two years ago, but the representative denied it was the same exploit:

"I had a discussion just now with a guy on our Store team, and the issue brought up two years ago is unrelated to this latest incident."

You can check the full Reddit discussion here.

It would appear as if Riot Games already have a handle on the situation.

Thanks, VG247.