[Updated] Nexus Mods Has Potential Database Breach

Published: December 7, 2015 12:50 PM /


Nexus Mods Logo

Nexus Mods, one of the biggest mod databases on the internet, has suffered a potential database breach. And if that sounds a bit too ambiguous for you, it's about to get a lot more vague.

In a news post on the Nexus Mods website, site owner Dark0ne explains that the website first got tipped off on the potential breach due to a Reddit post sent to him. The Reddit post was written by a university employee who got sent an email from REN-ISAC, a cyber-security agency, saying that a number of university students had their Nexus Mods credentials breached. 

Dark0ne goes on to say that, while they had a database breach a couple of years ago, they are not sure if this is a breach resulting from that leak, or if it's a breach due to the supposed hackers using usernames and passwords that some users have used for other websites, or is using data from other big breaches such as the Playstation Network breach late last year.  

Nexus Mods became more suspicious of a possible breach when 3 mods, made by 3 different modders, had their files changed. Even though the files seemed to have been added by the authors themselves, upon further inquiry they discovered that the authors had no idea that their files had been changed. This may indicate that the accounts were, indeed, compromised, but none of this points directly at a database breach that affects the entire website and its community.

If you've downloaded any mods from the Nexus recently, you'd do best to do a virus scan and keep a lookout for the dsound.dll file. The following is a list of the mods affected, as well as the dates on which the files were added to the mods themselves.

  • BetterBuild (November 29)
  • Rename Dogmeat (December 4)
  • Higher Settlement Budget (December 5)

You know the drill, people. Go forth and change your passwords until Nexus Mods can find out what has happened here. Make sure that the password you use is not a password that you've already used for other websites. Using the same password across websites may leave your accounts open to be compromised. I suggest you use a random password generator to make sure that the password is nearly impossible to guess. 

UPDATE (12/8/2015): The potential breach has been proven partially false, as founder Robin 'Dark0ne' Scott has gained access to the the full database dump form via the reporting security firm and found that the most recent account created in the dump was made in July 2013. Essentially, this is a dated breach, so if you've either created or updated your account since this time - your data is safe.

It's worth noting that the passwords in the dump are encrypted as well, and would need decryption before they could even be used, but should you fall in the category of pre-July 2013, it's still recommended that you change your password. Should you have the mods listed above installed, it's also recommended that you update or uninstall them to be on the safe side for now.

For the full update from Scott, check out the post on the breach and upcoming security changes to Nexus Mods.

Have a tip, or want to point out something we missed? Leave a Comment or e-mail us at tips@techraptor.net

Chris Anderson
| Staff Writer

I've been playing games since I was just barely able to walk so I might as well write about them.