If you are a fan of the Witcher series, its developer CD Projekt Red, or of data breaches, you may have remembered when the popular studio announced the hack of an old forum back in December 2016. “It has come to our attention that the now-obsolete cdprojektred.com forum database might have been accessed and copied from our server by an unauthorized party sometime in March 2016. It’s the old database we used to run the forum before we migrated to the login system powered by our sister company — GOG.com,” the forum post reads.

However, they also mentioned that there was no “concrete evidence” of it happening, but it would be in everybody’s interest to change their password. Well, after further examination, CD Projekt Red has confirmed the hack:

Upon examining the data at our disposal, we can conclude that an unauthorized party gained access to the old forum database.

At the time of the event, the database was not in active use, as forum members had been asked to create better-secured GOG.com accounts almost a year earlier. The forum engine has also been upgraded since then to the newest and most secure version, fixing the exploit that allowed said access.

It is our understanding that the obsolete forum database contained usernames, email addresses and salted MD5 passwords (MD5 is an encryption algorithm we used to encrypt your data). This means your old passwords were secured and not directly accessible by anyone.”

Those set to be notified of a breach by haveibeenpwned.com should have already received word of this. The popular breach detection site also tweeted about the event, stating that 67% of accounts exposed were already signed up for alerts. Check it out for yourself:

New breach: The CD Projekt RED forum had 1.9m accounts exposed in 2016. 67% were already in @haveibeenpwned https://t.co/LGaAniJH32

— Have I Been Pwned (@haveibeenpwned) January 31, 2017

What this means for you, the users, is that it’s time to start changing your passwords. Make sure that everything is good to go and maybe you don’t have to worry about this. CD Projekt Red will be sending out emails in the coming days to affected users. Stay safe out there, gamers!

What do you think about all of this? Have you already changed all of your passwords ten times and done some sort of super secret double encryption on your credentials? Let us know in the comments! Well, don’t tell us your info… that would be awkward. In other awkward news, PETA is going after a video game… again. They don’t like that furs are worn in the Warhammer franchise. For more of the ridiculous and wonderful things that take place in the video gaming world, stay tuned to Don’t Feed the Gamers! As always, be sure to check us out on Twitter and Facebook.