Chess.com recently disclosed a significant security incident that exposed personal information belonging to thousands of users.

The popular online chess platform fell victim to cybercriminals who gained unauthorized access through a third-party application.

What Happened During the Chess.com Data Breach

The attack occurred in June 2025 when threat actors infiltrated a third-party file transfer application used by Chess.com. These criminals maintained access to the system for approximately two weeks, from June 5 through June 18.

Chess.com discovered the breach on June 19, 2025, and immediately launched an investigation. The company worked with cybersecurity experts and notified federal law enforcement about the incident.

Scope and Impact of the Security Incident

According to reports, the breach affected approximately 4,500 accounts out of Chess.com’s 100 million registered users. Chess.com emphasized that the attack only affected the unnamed third-party application, while the platform’s main infrastructure remained secure.

The compromised data includes names and other personally identifiable information. Reports from law firms investigating suggest more sensitive data may have been exposed, including the following:

• Social Security numbers
• Driver’s license numbers
• Account passwords
• Credit card information

Chess.com stated that no financial information was compromised and there’s no evidence the stolen data has been misused or publicly disclosed.

TROYPOINT Tip: Protect your identity and personal info from a data breach by using Aura which is TROYPOINT’s recommended identity theft protection.

Aura Identity Theft Protection Review

Company Response and User Protection

Chess.com took immediate action to secure its systems and prevent further unauthorized access. The company is offering affected users one to two years of free identity theft and credit monitoring services.

Users who received breach notifications have until December 3, 2025, to enroll in these protective services. Security experts recommend signing up as soon as possible.

Protecting Yourself After the Breach

If you received a data breach notification from Chess.com, take these steps immediately:

• Review the notification carefully and keep it for your records
• Enroll in the free monitoring services offered by Chess.com
• Change passwords for all online accounts, especially Chess.com
• Monitor bank and credit card statements for unauthorized transactions
• Check your credit reports for signs of identity theft

Final Thoughts

The Chess.com data breach serves as another reminder about the risks of online platforms storing personal information.

While the company responded quickly to contain the incident, users should remain vigilant about protecting their personal data and monitoring accounts for suspicious activity.

For more details on this story, refer to chess.com for future updates and the report from Bleeping Computer.

We want to know your thoughts. What do you think about this story? Let us know in the comment section below!

Be sure to stay up-to-date with the latest streaming news, reviews, tips, and more by following the iptv subscribه with updates weekly.