[Update 12/8/2015:] Dark0ne, the site owner of Nexus Mods has provided an update on the site possibly being breached. In the post he explains that the site was breached but the dump of the user data was from 2013, writing…

“[…] the database dump is “old”, with the last member in the database having registered on July 22nd 2013. If you’re one of the 4.2 million users who registered on Nexus Mods after this date, your details are not included in this database dump and are therefore considered “safe”. Second, the database dump isn’t a complete database rip. The dump contains user IDs, usernames, email addresses, hashes and salts, and that’s it. It does not contain cracked passwords i.e. anyone with access to the dump would need to attempt to crack the hashes and salts themselves in order to get any sort of use out of them on the site.”

[Original article:] A letter sent out by the Research and Education Networking Information Sharing and Analysis Center to a higher education institution indicated that the Nexus Mods database — famous for carrying mods of all sorts for various PC games — may have been breached.

Over on Nexus Mods, site owner Dark0ne posted a message warning users to change their passwords for security, and to protect and safeguard the passwords for other accounts across the web. Dark0ne writes…

“It is with a heavy heart that I must inform you of a potential database breach at Nexus Mods. I understand that sounds horrifically ambiguous at best, but the simple truth of the matter is that we have yet to fully confirm the database breach has occurred any time recently but, in light of recent events, I cannot in good conscience not warn you of the potential for such an eventuality.” “Right now, we wholeheartedly recommend changing your password here and please ensure it’s not a password you use anywhere else. Just in case it’s not obvious; because we haven’t found a breach yet, if there is a breach, it means they could access the database again, so just updating your password now won’t make it completely secure.”

The uncertainty of the breach is one thing that Dark0ne continually reiterates, but it’s mentioned as often as practicing safe web usage; hence the suggestion to alter the Nexus Mod password of the account as soon as possible.

Dark0ne tried getting more information out of the security team but given that it’s the weekend the information was thin. Expect an update that either confirms or denies the breach in an indisputable way by Monday.

The news about the breach first came up over on a Reddit thread on /r/gaming where user AreYouReadyToReddit let the community know that they had received an e-mail from REN-ISAC indicating that a breach had occurred, writing…

“I work for a Higher Ed institution, and today I received a report from REN-ISAC ( https://www.ren-isac.net/ ) letting us know that a large number of student users had their credentials breached for nexusmods.com “Needless to say as a gamer I was quick to recognize the name, and thought it would be best to pass the word. “You should reset your password to the Nexus Mods website.”

There were people rightfully skeptical. It was easy to think that it was nothing more than a high-profile 4chan troll. The Reddit user opted to provide some evidence of the claim by showing the e-mail from REN-ISAC with redacted user information.

Imgur: The most awesome images on the Internet Imgur: The most awesome images on the Internet.

A couple of other users in the thread working at and attending various universities also mentioned that they too received the e-mail from REN-ISAC.

For now the security breach has not been confirmed but it’s still safe practice to change the password to your Nexus Mods account as soon as possible.