Back to News
Security Alert

BeamMP Multiplayer Mod Compromised — Security Breach Details

Mar 30, 20264 min readBy BeamNGPitStop Staff

SECURITY ALERT: On March 28, 2026, BeamMP, the popular multiplayer mod for BeamNG.drive, suffered a devastating cyber attack that compromised its infrastructure and user data. The BeamMP team has advised all users to take immediate security precautions.

What is BeamMP?

BeamMP is a community-built multiplayer modification for BeamNG.drive that allows players to join servers and drive together in the same world. The mod is developed and maintained by passionate volunteers and has grown into a large community with thousands of active players.

The Cyber Attack

On March 28, 2026, BeamMP Project Manager mack29446 announced that the service had been raided by malicious actors. The attack followed weeks of DDoS (Distributed Denial of Service) attempts targeting various parts of BeamMP's infrastructure. The most recent attack included deliberate actions to break into BeamMP's forum, resulting in a complete data breach. Additionally, the BeamMP Discord server was completely wiped after attackers obtained a bot token with administrative rights.

What Data Was Compromised?

According to the official BeamMP statement, the following user data was obtained by the attackers:

- Usernames: The username you signed up to BeamMP with

- Salted password hashes: One-way-encrypted versions of passwords (NOT the actual passwords themselves)

- Email addresses: The email address you used to sign up, and any secondary emails (used for Patreon linking)

- IP addresses: Registration and last login IP addresses

- Linked account IDs: Any IDs linked to your BeamMP account (such as Discord ID)

- Posted forum content: Any content you posted publicly in the forum

Important: BeamMP states that actual passwords were NOT compromised, only encrypted hashes. Additionally, there is no verified evidence that the launcher or users' computers were compromised.

What You Should Do

If you have a BeamMP account, follow these steps immediately:

1. Change your password on any other platform where you used the same password as BeamMP

2. Monitor your email account for suspicious activity

3. If you plan to continue using BeamMP, verify your launcher installation using the digital signature verification process provided by BeamMP

4. Consider using a unique password if you reinstall BeamMP

Verifying Your BeamMP Installation

If you want to verify that your BeamMP launcher has not been tampered with, follow these steps: Right-click 'BeamMP-Launcher.exe' and open Properties. Go to Security > Digital Signatures, select 'BeamMP Mod Team', click Details, then View Certificate. In the certificate window, open Details and find the Thumbprint. Verify it matches: 0c999ca7011538e41ac3993ca84d109e6e429c5f

Recovery and Security Improvements

BeamMP has since come back online after conducting a full security audit of their systems. The team emphasized that they take data security very seriously and that all systems are built with security in mind. Users are advised to check the official BeamMP Discord server for the latest updates on security improvements and service restoration.

Sources

This information is based on official statements from the BeamMP development team, as reported by The Verge, Overtake.gg, and community discussions on Reddit. For the latest updates, visit the official BeamMP Discord server.