Shine said: Furthermore, i didn't get an email at all. Not in spam, not in trash, which is uncleared and far from full. Nothing. A friend had to share this with me. But even if i had, the information provided is hardly adequate. You should be telling people to change their passwords here and anywhere they reuse variations of that password, at minimum. Advising people not to reuse passwords and giving a password safe option or two would be better. Enough data was accessed to allow for decent social engineering, and giving people tools to help mitigate that should be a priority. For, while you say "we have no reason to believe that your personal information has been misused", i would argue you have a very good reason to believe it has been: that someone accessed it maliciously. They weren't doing so to make donations in our names to Save the Puppies and Kittens. Hi Shine, Regarding not getting an email I would check your spam folder. If you still didn't I would verify that Roll20 has your correct email address. You can do that by going to your Account . As for the data, I am not personally concerned with it as name, email, and IP address are already out in the wild. So many companies have your data already and are selling it it is not really protected information. The last 4 digits of the cc is also not a major concern to me, it is likely to be out there already as it is not considered sensitive information. Example: you go to the store and buy something, take a look at the receipt, the last 4 digits of your cc are there. Regarding passwords, that was not part of the data breach.