R6DB is an online gaming service that gives statistics for Rainbow Six Siege players. It went down this weekend and the database removed by the hackers and asked for a Ransom.
The hack took down the service on Saturday (September 30) and the company said that automated bot accessed their servers and deleted the database. They kept the remote connection open from Development machine to Postgress Database server.
According to the company:
Today someone deleted our databases. We still had remote connections enabled from development and a bot jumped at it. They left a nice ransom message, but we have no reason to believe that they kept any data. On top of that our backups are useless, since they didn’t work on the postgres codebase yet. Due to the hectical and unplanned September-migration we didn’t have everything locked down yet, which led to this situation.
The company also said that they don’t collect any personal data, so users don’t have to be concerned about any privacy problems. They said that some profiles are gone and they can re-index them when searched for, but that’s a step they can’t do individually.
R6DB determined to fully deploy a new server because the old one has been compromised, they made the new server online but the database recovery is still in progress.