According to their report, usernames, email addresses, salted password hashes, and some first and last names were accessed.
Investigation reports that around 120,000 transaction records from 2011 that contained hashed and salted credit card numbers have been accessed.’The payment system involved with these records hasn’t been used since July of 2011, and this type of payment card information hasn’t been collected in any Riot systems since then.’-the blog says.
As such they are claiming to take necessary steps to notify and safeguard affected players. Affected players will be contacted via their email ids associated with their accounts to alert them.
The players with account in North America are requested to change their passwords to stronger ones which would be hard to guess.
Additionally, new security features that are currently in development include:
Email verification: all new registrations and account changes will need to be associated with a valid email address (we’ll also require all existing players to provide a valid email address).
Two-factor authentication: changes to account email or password will require verification via email or mobile SMS.
So lets wait and watch is the Game Over or the Battle is still to be played.