Change your passwords: NexusMods suffers database breach

Or, a ‘potential’ one, at least

I hope you’ve got your password strategies down because you’ll have to think up a new one if you’ve got an account at Nexus Mods, the popular mod repository. According to a statement posted by site founder Robin “Dark0ne” Scott, the site was tipped off to a possible security breach by posts on reddit. Cybersecurity firm REN-ISAC had apparently contacted several university IT departments about a database breach at Nexus Mods. Scott has contacted the company, but concrete details have been slow in coming thanks to it being the weekend.

Actual information about the extent of the breach, or even if there has been one, is thin on the ground at the moment, though Scott mentioned the tipping point being some suspicious activity on three frequently downloaded mods. The mods were accessed by the authors’ accounts and had an unknown .dll file added to them. Though the file itself did not trip any warnings on the site’s various virus scanners, the authors themselves reported that they did not add the files themselves. The incident prompted Scott to go ahead and notify the user base even without direct confirmation of a breach being available. 

In any case, it’s best to change your password, if you haven’t already. The three affected mods are listed below.

Nexus Mods reporting suspicious activity:

– Higher Settlement Budget (downloads from December 5)

– Rename Dogmeat (downloads from December 4)

– BetterBuild (downloads from November 29)

– Higher Settlement Budget (downloads from 5th December)
– Rename Dogmeat (downloads from 4th December)
– BetterBuild (downloads from 29th November)

Josh Tolentino
When not posting about Japanese games or Star Trek, Josh served as Managing Editor for Japanator. Now he mostly writes for Destructoid's buddies at Siliconera, but pops back in on occasion.