Nexus Mods might have a security breach with their user database, change your passwords

Nexus Mods is one of the best, if not the best, places to grab mods for pretty much any game that supports them. Not to mention that their Mod Manager works far better than the one you get with Steam Workshop.

So its really sad news hearing that Nexus Mods may have had its user database breached. Nothing is certain as of right now but just in case it ends up being true I'd suggest you change both your Nexus Mods password as well as any account that might share the same one.

It would seem that so far only three Fallout 4 mods have been compromised at around the same time which isn't surefire proof of a security breach at Nexus Mods but it is a good indicator. Here's a quote from the Nexus Mods founder, Robin Scott.

"Things became more suspicious yesterday when three Fallout 4 mods from three separate authors had their files changed by the author's themselves, but the file change contained a .dll file that while it isn't being reported as a virus by our Virus Total system (that scans files using 56 different virus scanners), it is still highly suspicious, and the authors have reported it wasn't them who did it. Indications suggest these author accounts were compromised. Which, once again, isn't conclusive proof of a total database breach, but is rather damning"

The three mods in question are: Higher Settlement Budget (downloads from 5th December), Rename Dogmeat (downloads from 4th December), BetterBuild (downloads from 29th November). If you have downloaded compromised files I'd suggest you delete them as soon as possible and initiate a malware scan. Also, just for extra security, use a separate PC to change passwords on everything you've logged in to since you've downloaded the mods because even though we don't know if the extra files are malicious or not its better to be safe than sorry.

And one more tip, this one from me personally: DO NOT REUSE passwords for different accounts, especially for high profile ones such as Steam, Facebook, etc. If you have trouble remembering passwords you can always use password managers like keypass (personal favorite) or even a piece of paper tucked in a drawer at home.

With all of that said, I wish the best of luck to the Nexus Mods team because this situation is not a fun one for them, especially since can't even be certain if there was a breach or not.

Please Log In to post a comment