Data leak
Chess.com Third-Party File Transfer Provider Breach
Primary Source βIncident Details
Chess.com, the world’s largest online chess platform with over 100 million registered users, disclosed in September 2025 that a third-party file transfer provider had been compromised. The breach exposed an unspecified subset of Chess.com user data. Chess.com notified affected users and relevant data protection authorities. The specific vendor and data types exposed were not publicly detailed at the time of disclosure.
Technical Details
- Initial Attack Vector
- Chess.com's unnamed third-party file transfer provider was compromised, resulting in the exfiltration of customer data stored in that system
Timeline
- 2025-08-01 Breach occurred
- 2025-09-15 Publicly disclosed
- 2025-09-15 Customers notified