Illustration of online gaming

If you play online gaming, you are probably being spied on. 

Privacy concerns may be inherent in the design of the game itself, such as games that require access to your webcam or microphone. Some companies sell any relevant information they’ve collected about you to advertisers, and others collect enormous quantities of data for their own purposes. 

It’s also difficult to know whether your data will be secure on the gaming companies’ servers, as previous data breaches have highlighted.

While you are probably happy to share some data with a company, other pieces of information can be used to build a profile of your habits and personality. This can then be sold to advertisers, who will bombard you with unwanted ads. Or, worse, it could be leaked in a data breach and used to steal your identity. Unfortunately, many bad actors are more than happy to take advantage of this opportunity.

This article outlines some of the issues surrounding online gaming privacy. At the end, there’s a list of steps you can take to mitigate your chance of becoming a victim.

9 risks to online gaming privacy

1. Camera and microphone access 

Many multiplayer games require mic access to communicate. Younger children especially may not realize the mic is transmitting everything they say. If someone happens to be speaking about personal information in the room, then that would be transmitted to whoever was listening. 

Likewise, many gamers stream their content for viewers online, exposing them to similar risks. If their personal information (such as passwords or location) are viewable in the background of the footage or on their desktop while screen sharing, then this can be stolen and put to ill-use.

Learn more about protecting your children’s privacy online(new window)

2. Location tracking 

Some games, such as Pokemon Go, track your real-world location(new window), sometimes to sell this information to advertisers. For example, if you frequent a certain clothing store and the game notices this, it can tell the advertiser to start showing you ads of that store’s clothing. This, in itself, would be a privacy invasion if you don’t consent, but the harm would be compounded if that same data were revealed by a security breach. You can mitigate both these issues by turning location tracking off if possible.

Ubisoft, for example, which owns the Assassin’s Creed and Tom Clancy franchises, says it respects privacy and security, and yet the company may record your playing habits(new window) at any time. They can also log your location and how much money you spend in-game. 

3. Poorly protected servers 

Hackers can breach any company’s servers without you making any mistakes of your own, which is why it’s important to limit the information you share online and familiarize yourself with the track record of companies that store your sensitive info. Perhaps the most infamous example of this was the Sony Playstation hack(new window). When hackers breached the company’s database, they got access to the personal information of over 70 million user accounts, including names, passwords, credit card details, and addresses.

4. Online gaming malware 

Malicious code can be inserted into the game itself, especially if it’s been pirated(new window). This code is used to access your personal information, such as login details, passwords, or even payment information. Beware of free games from unknown developers: They could turn out to be far more costly.

5. In-game ransomware

Many gamers invest thousands of hours(new window) in their video game characters. This is most common in massively multiplayer games like World of Warcraft. This is why many gamers have their accounts targeted: hackers know people will pay substantial sums to have access returned to them. Ransomware is typically injected when gamers buy third-party, unlicensed power-ups to benefit their character.

6. Keyloggers 

A keylogger is a kind of malware that records all your keystrokes to capture login credentials. Through emails or private messages, hackers posing as game developers may offer free content or access to a beta version of a new game. After falling for these phishing attacks(new window), a keylogger will record any passwords or login information you enter, giving the hacker access to your account. From there, they can steal your personal data or ransom your account(new window).

7. Unsecured WiFi 

Using unsecured public WiFi(new window) exposes you to risks if you enter your login credentials or credit card information. This risk is compounded by the fact that many gamers don’t use VPNs for fear they’ll slow down their connection speed, and thus worsen their online gaming experience (and additionally potentially face ISP throttling). However, it is worth mentioning that many VPN companies are even more problematic and compromised(new window) than the networks they seek to secure. It’s important to know the characteristics to look for in a trustworthy VPN provider(new window).

8. Phishing 

No matter the industry, phishing remains one of the most common forms of attack(new window). Typically an email is sent out posing as someone trustworthy, which encourages you to enter login information. However, if you do, whatever information you enter will be stolen and used to break into your account.

9. Not using 2FA 

Without two-factor authentication (2FA)(new window), your risk of getting hacked is much higher. Despite this, many game companies (and even enormous companies like Facebook and Google) do not require users to implement 2FA, leaving them vulnerable to many of the risks detailed above.

How to improve your online gaming privacy

The good news is that if you take online gaming privacy seriously, there are many things you can do to stay safe:

  • Seek out and utilize a trustworthy VPN provider that won’t contain malware or put your information at risk, such as ProtonVPN(new window).
  • Avoid using pirated versions of games from torrents. These may save you money (at least initially), but it will also make you significantly more vulnerable to malware and other online gaming privacy compromises. 
  • Be mindful of phishing attacks, including in-game. If someone you don’t know sends you links or attachments, do not click on or open them.
  • In your account, find the privacy settings and configure them to maximize your privacy, such as by turning off location tracking. In your security settings, turn on two-factor authentication if it’s available. 

Have you ever fallen victim to an online gaming scam? Are there any safety tips you use that you would recommend to the Proton community? Feel free to join the conversation on our social media channels.

You can follow us on social media to stay up to date on the latest Proton VPN releases:

Twitter(new window) | Facebook(new window) | Reddit(new window) | Instagram(new window)

To get a free Proton Mail encrypted email account, visit: window)

Protect your privacy and security online
Get Proton VPN free

Related articles

What is AirTag stalking?
In an era of “smart devices” that often double as spy devices, AirTags are tracking tools that are open about their function and can be vital in helping locate lost items (as anyone who has lost their car keys can attest to). However, as a recent cla
How to fix a "Your connection is not safe" error
As you surf the web using your browser, you’ll no doubt encounter websites that your browser will refuse to load, instead showing some variation of an error message, such as Your connection is not private or Warning: Potential Security Risk Ahead. 
Your search history is a window into your inner life. Anyone with access to it knows what your hobbies and interests are, your sexual orientation and preferences, the things that worry you (for example your medical concerns), your political affiliati
how to flush dns blog
  • Privacy deep dives
A DNS cache is a record of all the websites you’ve visited over a set amount of time. Simply put, your DNS cache is a list of websites you visited in the past that’s stored on your device. Your computer uses it to speed up visits to those same websit
Is Temu legit?
  • Privacy basics
Temu has become an unavoidable brand. Unknown to most up to a year ago, the online retailer exploded onto the digital scene in the United States with lavish ads and a riveting social media campaign, and has started its takeover in Europe now, too. As
We examIne whether the controversial Chinese video platform is safe to use
  • Privacy basics
In this article, we take an in-depth look at whether the wildly popular social media platform TikTok is safe to use. Several countries recently banned government officials from using TikTok, and now the US House of Representatives has passed the Pro