Dueling Network

In March 2017, Dueling Network—a once-popular online platform for Yu-Gi-Oh fans—suffered a significant data breach that compromised roughly 6.48 million user accounts. Although the main site had been taken offline in 2016 due to a cease-and-desist order, its forum remained active, leaving a trove of user data exposed. Hackers exploited a vulnerability in MySQL to gain unauthorized access to the database, which stored email addresses, IP addresses, usernames, and passwords hashed using the weak MD5 algorithm. This outdated hashing method made it easier for attackers to potentially crack the passwords, putting users at risk if they reused those credentials elsewhere.

Data Included in the Breach