Chess.com revealed a data breach caused by unauthorized access to a third-party file transfer app, affecting a small portion of its 100 million users. The incident led to potential exposure of personally identifiable information, but no financial data was compromised, and measures have been taken to enhance security. #ChessDotCom #ThirdPartyBreach
Keypoints
- Threat actors accessed a third-party file transfer application used by Chess.com in June 2025.
- The breach lasted for two weeks, from June 5 to June 18, before being discovered on June 19.
- Only a small percentage of users, approximately 4,500, were affected by the incident.
- Personal data such as names and other PII may have been accessed, but no financial information was involved.
- Chess.com has improved security measures and offered affected users identity theft monitoring services.