[ad_1]
\n<\/p>\n
Popular virtual tabletop service Roll20 <\/a>, according to an email the company sent out to users. The email, written on July 2, warned users that their personal data may have been exposed, including \u201cfirst and last name, email address, last known IP address, and the last four digits\u201d of credit cards. However, the breach didn\u2019t expose passwords or full financial information, so that\u2019s good.<\/p>\n The company discovered \u201cunauthorized access\u201d to an administrative account last week. It immediately blocked the impacted account, but this particular account had access to the aforementioned personal information. Roll20 doesn\u2019t know if anyone actually used this breach to scoop up data, saying it has \u201cno reason to believe that your personal information has been misused\u201d and that it\u2019s notifying users \u201cout of an abundance of caution.\u201d<\/p>\n Engadget reached out to the company for more information regarding the timeline and the potential impact. We\u2019ll update this post when we hear more. \u201cWe truly regret that this incident occurred on our watch,\u201d Roll20 founder <\/em><\/a>.<\/p>\n It\u2019s worth noting that users <\/a> to implement two-factor authentication (2FA) for years, to no avail. It experienced a similar data breach in 2018 <\/a>. It\u2019s probably time for Roll20 to bump its charisma stats and approach a 2FA service provider, for the good of the realms.<\/p>\n<\/div>\n