The details of as many as 2.5 million PlayStation and Xbox users have been exposed following a hack on two popular gaming forums.
The 'XBOX360 ISO' and 'PSP ISO' forums, places where gamers were provided with links to free downloads of games for each console, breached by hackers in 2015, but details of the hack have only just come to light.
According to security researcher Troy Hunt, who owns the website 'Have I Been Pwned', the compromised the email addresses, account passwords and IP addresses of 2.5 million games.
'Data breaches are often sold via dark websites or within closed trading circles,' Hunt told the Daily Mail.
"The prevalence of password reuse means that a relatively benign site can hold credentials that unlock far more valuable resources, for example, email or social media accounts."
The hackers responsible for the breach have not yet been identified, but users of the forums are being advised to change their passwords.
Commenting on the hack, Robert Capps, VP of business development at NuData Security, said: "The recently disclosed data theft from the unofficial PlayStation and Xbox forums is yet another example of the need for consumers to be wary of who they provide their information to online.
"While this site is mostly used to distribute pirated copies of games, DVD's and BluRays, consumers who use the forums need to make sure that they are vigilant. Keep alert to any phishing scams that may appear in email as a result of this hack, changing passwords on any site where the passwords or usernames used on these sites are used.
"This data is likely to be sold on the dark web and used for future cyber crime. It's a good reminder to choose unique passwords on all sites that require registration."
Last year, the Epic Games forum was also the target of hackers in a breach that saw 800,000 users' personal details exposed, including email addresses, dates of birth and private messages exchanged on the site.
A new RSA report urges coders to sign a 'Hippocratic Oath' before embarking on AI programmes.
IT security vendor believes APT33 is working for the Iranian government
Darktrace pushes machine learning to take some of the pressure off of IT and security teams
Google also gets its hands on HTC's IP in a non-exclusive deal