Chess.com, the world’s largest online chess platform, was rocked by a breach that leaked user data. The platform, where millions of games are played daily, announced that only a small number of users were indirectly affected. Fortunately, for a site with over 100 million users, the number of affected users remained relatively low.

Chess.com in the spotlight due to data breach

According to Bleeping Computer, Chess.com notified some customers that the breach was caused by a third-party file transfer application. The incident occurred between June 5th and June 18th. The company stated that it learned of the breach on June 19th.

An investigation revealed that the personal data of approximately 4,500 users was compromised. The company emphasizes that users’ financial data was not accessed. Chess.com, which has been providing identity theft and credit monitoring services to affected customers for several years, stated that users can sign up for these free services until December 3, 2025.

Chess.com emphasized that the breach originated not from its own infrastructure, but from the third-party application used, and that its systems are secure. No details were provided as to which application was compromised. Furthermore, the information received indicates that the stolen data has not yet been listed online, and there is no evidence of malicious use.

The company has notified law enforcement about the incident and has enlisted the help of security experts to assess the scope of the breach. It states that it has taken the necessary measures to prevent data misuse during this process.

These steps by Chess.com are considered a swift response to ensure the security of its users. The platform also demonstrates its preparedness for such cyberattacks. This incident has once again highlighted the importance of cybersecurity risks for all online platforms that use third-party services.