Privacy Ninja

Genshin Impact Is Leaking Players’ Phone Numbers

Genshin Impact Is Leaking Players’ Phone Numbers

Genshin Impact players revealed that the miHoYo account website would not hide your linked mobile phone number when you (or anyone else) try to recover the password.

This is a huge oversight by the Chinese developer, which might seriously endanger players’ security and privacy.

Several players have shared screenshots showing that when they try to recover their passwords for an account linked to their mobile phone number, the miHoYo account website will not hide or partially censor the mobile number at all, but the number will be fully revealed instead.

This means that anyone can simply go to the game’s website, go to “forgot password ” and enter your username, and if you linked a mobile number, it will not be censored at all.

Also Read: 10 Principles On How To Build A Good Governance Model

An example can be seen in the picture below:

Genshin Impact Phone Number Leak
(Picture: u/TiltOnPlay)

In this way, anyone can find out your phone number just by knowing your username, which is especially problematic for streamers, since their username is known by many who watch their streams.

Interestingly enough, if your account is connected with an email instead, the email address will be partially censored.

Another user has shared a screenshot of the Genshin Impact PC login screen, which apparently also reveals your phone number completely if the account is linked to a mobile number.

Genshin Impact phone number leak pc
(Picture: FailGod/miHoYo)

It goes without saying that this severely breaches all data protection laws, and it poses a serious threat to users’ data security and privacy.

Until the issue is being solved, we advise you to urgently unlink your phone number from your Genshin Impact account, as it is currently exposed and can be easily accessed with this method by practically anyone who knows your username in the game.

At the time of writing this article, Genshin Impact account website is currently down, so it is possible that miHoYo is aware of this issue and are trying to fix it, while temporarily shutting down the website in order to protect players’ phone numbers from a potential exploit caused by this leak.

Genshin Impact has been released on 28th September and quickly became one of the most popular games of today, with over 30 million active players, which phone numbers now might be exposed.

Also Read: Data Storage Security Standards: What Storage Professionals Need To Know

We will follow the situation closely and update the article with new information.



Subscribe to our mailing list to get free tips on Data Protection and Data Privacy updates weekly!

Personal Data Protection


We have assisted numerous companies to prepare proper and accurate reports to PDPC to minimise financial penalties.


Click one of our contacts below to chat on WhatsApp

× Chat with us