Roll20 uses cookies to improve your experience on our site. Cookies enable you to enjoy certain features, social sharing functionality, and tailor message and display ads to your interests on our site and others. They also help us understand how our site is being used. By continuing to use our site, you consent to our use of cookies. Update your cookie preferences .
Advertisement Create a free account Compendium in Game, Join Today
This post has been closed. You can still view previous posts, but you can't post any new replies.

Security Breach Questions

I am glad the passwords are encrypted but why is the other data not encrypted? I consider my PII info Name, email and IP just as important. Breach are going to happen and nothing we can do about it but make the data useless is your responsible. Why is it necessary for you to record the IP address of the users? Did they get all users info and if not how can I find out if my info was breach?
KS Backer
I'm kinda concerned myself, I'm not too happy about emails and other information being on the run.
Nolan T. J.
Roll20 Team
The reason you can encrypt a password is that you never need to show that element to anyone (including us). The other elements-- the name and email you choose to use to associate with us, the IP address, etc.-- are needed for interactions.  We'll continue to update with more information as we're able-- we're currently working with outside organizations on what's next. As far as being in the breach, everyone with an account ahead of December 26th, 2018 would have the previously listed information in the possession of the criminal hacker.