You’ve undoubtedly heard of Heartbleed at this point. The exploit of openSSL protocols affected 66% of all internet sites when it was discovered, and many massive online communities had to deal with account security issues as a result. We take these sorts of threats extremely seriously here at ROBLOX, and want to ensure that all of our valued users are protected from online threats.
As soon as we became aware of this problem, we took a deep dive into our web infrastructure to ensure that we were buttoned up entirely, and that no user accounts were compromised in any way. We’re happy to report that this particular exploit didn’t affect ROBLOX, though we still encourage you to verify the email address associated with your ROBLOX account for enhanced security. It’s a step that is easy, free, and will keep your ROBLOX account as safe as possible. It’s also worth noting that swapping your password every month or so is never a bad thing. Finally, never give your password to anyone, not even anyone claiming to be ROBLOX staff. There is no reason for you to ever have to give up your log in credentials. Stay safe out there.